Android Users Beware Of BlackRock Malware Credential Stealer

July 29, 2020

Written by wukovits

Do you have an Android phone? If so, be advised that there’s a new threat to be on the lookout for.

The threat takes the form of a malware strain that’s being called BlackRock. It is a banking trojan that specializes in pilfering login and credit card information, which means that if you get infected, it’s likely to hit you hard.

The new variant was discovered by security researchers and analysts operating out of ThreatFabric. Based on an analysis of the code, it is a derivative of the Xerxes banking malware, which traces its roots back to the LokiBot trojan.

The key difference between this malware strain and the strains it was derived from is this: LokiBot and Xerxes focused their attention exclusively on banking and payment card information. BlackRock is equally interested in social media and dating site logins.

It’s a fairly stealthy piece of code, too: it disguises itself as a Google Update, requests Accessibility Services privileges, and hides its icon when it is launched. Even worse, once a victim grants the malware access to Accessibility Services, it will begin granting itself additional permissions out of the sight of the victim.

In addition to banking apps, BlackRock also targets a number of cryptocurrency wallet apps, including Coinbase, BitPay, and Binance, as well as popular apps like Microsoft Outlook, Gmail, Uber, Amazon, Netflix, and Google Play.

The researchers at ThreatFabric had this to say about their discovery:

“The second half of 2020 will come with its surprises, after Alien, Eventbot and BlackRock, we can expect that financially motivated threat actors will build new banking Trojans and continue improving the existing ones.

“With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, banking malware will pose a threat for more organizations and their infrastructure, an organic change that we observed on Windows banking malware years ago.”

All that to say, it’s a serious threat, so be on the alert for it.
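One way to stay alert to the Accessibility Services behavior described above is to audit which apps currently hold that privilege. The following Python code is an added example, not from ThreatFabric or the original article: it parses the value returned by `adb shell settings get secure enabled_accessibility_services` and flags services that are not expected. The package names, labels, allowlist and launcher set are constructed samples, and the label and launcher inputs are assumed to come from a separate device inventory.

```python
"""Audit enabled Android accessibility services (added example)."""

# Assumed allowlist of packages expected to hold an accessibility service.
EXPECTED_PACKAGES = {"com.google.android.marvin.talkback"}

# Constructed sample of the colon-separated settings value.
SAMPLE_RAW = ("com.google.android.marvin.talkback/.TalkBackService:"
              "com.example.updater/com.example.updater.SyncService")
# Constructed inventory data: app labels and packages with a launcher icon.
SAMPLE_LABELS = {"com.google.android.marvin.talkback": "TalkBack",
                 "com.example.updater": "Google Update"}
SAMPLE_LAUNCHER = {"com.google.android.marvin.talkback"}


def parse_enabled_services(raw):
    """Return (package, service_class) pairs from the settings value."""
    raw = raw.strip()
    if not raw or raw == "null":      # setting unset: nothing enabled
        return []
    pairs = []
    for component in raw.split(":"):
        package, _, cls = component.partition("/")
        if cls.startswith("."):       # expand the short ".Service" form
            cls = package + cls
        pairs.append((package, cls))
    return pairs


def audit(raw, labels, launcher_packages, expected=EXPECTED_PACKAGES):
    """Flag enabled services outside the allowlist, with reasons."""
    findings = []
    for package, _cls in parse_enabled_services(raw):
        if package in expected:
            continue
        reasons = ["accessibility service not on allowlist"]
        label = labels.get(package, "")
        # Heuristic only: a package name is not proof of who built the app.
        if "google" in label.lower() and not package.startswith("com.google."):
            reasons.append("label claims Google, package namespace does not")
        if package not in launcher_packages:
            reasons.append("no launcher icon")
        findings.append((package, reasons))
    return findings


if __name__ == "__main__":
    for pkg, why in audit(SAMPLE_RAW, SAMPLE_LABELS, SAMPLE_LAUNCHER):
        print(pkg, "->", "; ".join(why))
```

Any finding is a prompt to review the app by hand, not a verdict: legitimate accessibility tools will also appear until they are added to the allowlist.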

Used with permission from Article Aggregator
