A mobile security firm called ThreatFabric has discovered a new Android malware called BlackRock. This new Android strain is targeting about 337 apps of several categories to steal sensitive credentials and credit card details. Though it’s said to be developed from a leaked source code of another malware, authors have developed it well with new features.
New Android Malware Steals Data Through 337 Apps!
Android malware has grown sophisticated in recent times. A newly discovered malware by ThreatFabric in May this year, is targeting about 337 Android apps from various categories like banking, instant messengers, social media, dating, news, shopping, lifestyle, and productivity apps. The malware is being spread as a new Google update via third-party websites, and once downloaded, it asks for Accessibility permissions!
Accessibility access in Android is a huge grant since the core feature would let for process automation and also root access to many apps. Thus, BlackRock achieving this feat makes it go through. Further, BlackRock works a technique called overlays, which is to pop-up a fake window on a legitimate app while the user is opening it, and ask for credentials.
Besides this, it will also be asking for card details whenever there’s a financial payment. BlackRock’s working mechanism is similar to other Android malware, except that it’s targeting more apps than others. Besides stealing data, BlackRock is also capable of intercepting SMS messages, performing SMS floods, spamming contacts with predefined SMS, logging key taps, and even showing custom push notifications.
Since it’s sophisticated, researchers expect this malware to be coming to Playstore soon, by some means. There have been instances where professional malware authors are spreading their malware through Playstore, bypassing Google checks.
Via: ZDNet
