Cybersecurity threats are prevalent in an ecosystem that houses a lot of sensitive data like banking passwords, personal photographs, and more. Hackers are constantly deploying malware to hack into a user’s account to extract sensitive information.
Another such malware has come under the radar of cybersecurity research firm ThreatFabric, which has discovered the BlackRock malware in Android.
BlackRock, like most malware, has the ability to steal passwords and critical information from about 377 apps like Facebook, Netflix, Tinder, Gmail, and more. As per the report, the threat posed by BlackRock is very high.
What is BlackRock?
This isn’t a new strain of malware. BlackRock is based on the leaked source code of a previous malware called Xeres. Xeres was itself derived from another malware called LokiBot.
BlackRock is considered more potent as it has the ability to target more applications than previous malware.
How Does BlackRock Malware Work?
BlackRock targets Android devices. Once it is installed on the smartphone, it monitors targeted apps. When the user enters sensitive information, like passwords or credit card details, into these apps, the malware sends that data to the hacker’s server.
The malware uses the phone’s accessibility feature and then uses an Android DPC (device policy controller) to gain access to other app permissions.
When the malware is launched for the first time it hides from the app drawer so that the user is not able to detect it. Under the disguise of apps like Facebook, Netflix among others, it asks for accessibility permissions. Once the permission is granted the malware automatically grants itself access to other apps in the background.
At this point, the smartphone data can be accessed by a hacker sitting at a remote location as the data is being relayed to them by the malware.
Which Apps Are Vulnerable?
According to the report, BlackRock isn’t just restricted to banking apps and targets general apps like dating, communication, reading, entertainment, and music apps.
Researchers also observed that the malware could also steal other credentials like username and passwords from apps like PayPal, Amazon, eBay, Gmail, Google Pay, Uber, Amazon, and Netflix among others.
In addition to the above, the malware also steals credit card information from apps like Facebook Messenger, Instagram, PlayStation, TikTok, Twitter, WhatsApp, and YouTube.
ThreatFabric says that the BlackRock malware can also be used to steal and send SMSs, and even hide notifications.
How to Protect Yourself from BlackRock Malware
Since the report says that the malware renders most of the antivirus apps ineffective, users are advised to download applications that have been authenticated by the Google Play Protect program and not download any apps from third-party sources.
Users are also recommended to change their passwords and use special characters in them. They should also avoid opening emails from unknown sources and should not download any unknown attachments.
The report says that a solution to the problem could be on the way.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)