ETV Bharat / science-and-technology

New BlackRock Android malware can steal User Data from 337 Apps

Col. Inderjeet Singh, Cyber Security Expert, Director General, Cyber Security Association of India found that a new Android malware, BlackRock, has emerged in a way that it comes equipped with a wide range of data theft capabilities, allowing it to target a whopping 337 Android applications

blackrock malware ,threatfabric on blackrock
New BlackRock Android malware can steal User Data from 337 Apps
author img

By

Published : Jul 18, 2020, 3:12 PM IST

Updated : Feb 16, 2021, 7:31 PM IST

New Delhi: This new malware, BlackRock, threat emerged in May this year and was discovered by mobile security firm ThreatFabric.

Col. Inderjeet explains that once installed on a device, a malicious app tainted with the BlackRock does the data collection by abusing Android's Accessibility Service privileges, for which it seeks users' permissions under the guise of fake Google updates when it's launched for the first time on the device, as shown in the screenshots.

blackrock malware ,threatfabric on blackrock
Screenshot
blackrock malware ,threatfabric on blackrock
Screenshot

BlackRock uses the Accessibility feature of the Andriod Operating System to grant itself access to other Android permissions and then uses an Android device policy controller to give itself administrative access to the device.

Interestingly, of the 337 unique applications in BlackRock's target lists, many applications haven't been observed to be targeted by banking malware before. Those "new" targets are mostly not related to financial institutions and are overlayed in order to steal credit card details. The target list of non-financial apps contains famous applications such as but not limited to Tinder, TikTok, PlayStation, Facebook, Instagram, Skype, Snapchat, Twitter, Grinder, VK, Netflix, Uber, eBay, Amazon, Reddit, and Tumblr.

blackrock malware ,threatfabric on blackrock
Ways BlackRock works

As per ThreatFabric the second half of 2020 will come with its surprises, after Alien, EventBot, and BlackRock, we can expect that financially motivated threat actors will build new banking Malwares and continue improving the existing ones.

Col Inderjeet advises, " Keep the Android operating system updated, apps to be updated, have a proper anti-virus in the mobile phone, do not download any app which is malicious in nature. Do not give any undue permissions of your mobile phones to any apps."

Prof N K Goyal, Chairman, Cyber Security Association of India, is also of the opinion, "We should safely use the applications and not fall in the trap laid by malware and lose our valuable data."

Also Read: Insight into Twitter hacks using Bitcoin Scam by Col. Inderjeet Singh, DG, CSAI

New Delhi: This new malware, BlackRock, threat emerged in May this year and was discovered by mobile security firm ThreatFabric.

Col. Inderjeet explains that once installed on a device, a malicious app tainted with the BlackRock does the data collection by abusing Android's Accessibility Service privileges, for which it seeks users' permissions under the guise of fake Google updates when it's launched for the first time on the device, as shown in the screenshots.

blackrock malware ,threatfabric on blackrock
Screenshot
blackrock malware ,threatfabric on blackrock
Screenshot

BlackRock uses the Accessibility feature of the Andriod Operating System to grant itself access to other Android permissions and then uses an Android device policy controller to give itself administrative access to the device.

Interestingly, of the 337 unique applications in BlackRock's target lists, many applications haven't been observed to be targeted by banking malware before. Those "new" targets are mostly not related to financial institutions and are overlayed in order to steal credit card details. The target list of non-financial apps contains famous applications such as but not limited to Tinder, TikTok, PlayStation, Facebook, Instagram, Skype, Snapchat, Twitter, Grinder, VK, Netflix, Uber, eBay, Amazon, Reddit, and Tumblr.

blackrock malware ,threatfabric on blackrock
Ways BlackRock works

As per ThreatFabric the second half of 2020 will come with its surprises, after Alien, EventBot, and BlackRock, we can expect that financially motivated threat actors will build new banking Malwares and continue improving the existing ones.

Col Inderjeet advises, " Keep the Android operating system updated, apps to be updated, have a proper anti-virus in the mobile phone, do not download any app which is malicious in nature. Do not give any undue permissions of your mobile phones to any apps."

Prof N K Goyal, Chairman, Cyber Security Association of India, is also of the opinion, "We should safely use the applications and not fall in the trap laid by malware and lose our valuable data."

Also Read: Insight into Twitter hacks using Bitcoin Scam by Col. Inderjeet Singh, DG, CSAI

Last Updated : Feb 16, 2021, 7:31 PM IST
ETV Bharat Logo

Copyright © 2024 Ushodaya Enterprises Pvt. Ltd., All Rights Reserved.