Researchers at the Cybersecurity found a new malware that is present on Android whose main goal is to target all kinds of banking as well as social apps. All of your social media, dating apps and banking data is at a serious risk due to the presence of this malware. It also targets cryptocurrency. The number of apps present on the target list of this malware is around 337.
Threatfabric Researches are calling the malware as BlackRock who found it in May. The source code of the malware is linked to another baking malware Xerxes and Xerxes itself is also part of the Lokibot Android Banking Trojan. Some of the main features of this malware are:
- Stealing User Information
- Message Interception
- Access to Notifications
- Clocking from Anti-Virus Softwares
The BlackRock has seen some major changes in its code which has allowed it to target more and more apps that aren’t even present in the lists. There are a lot of social networking apps included in the malware which is great threat for everyone.
The data collection is done by the BlackRock in the form of abusing Android’s accessibility options. The first time, the malware launches on the mobile, it asks the users to gives it permission for updates from Google which are totally fake. It tricks the users into thinking that they are updating through Google but little do they know that they are actually installing a malicious malware in their mobile phones.
If you have provided it with the initial permissions, then it will automatically allow itself further permissions because it needs to form a connection with the remote sever. Then that servers allows it to inject the malware by introducing overlays which will be presented at the login screens for payments and all other accounts. These overlays are also found of most of the banking apps which are mainly present in Europe, US, Australia and Canada. These overlays are not just limited to banking apps but will also be present on various shopping and business apps as well.
There are some big companies in the target list such as:
- Snapchat etc.
These are some of the biggest apps on the market and having a malware that targets these apps is very harmful and dangerous for everyone. As a lot of information can be leaked using these platforms.
The surprising thing is that this is not the first time a malware has messed with Android’s accessibility features. In the start of the year, TrickMo was discovered by IBM X-Force that is a malware which only targets users present in Germany. This malware was used to steal the OTP, TAN and pushTAN codes from the people.
EventBot is a similar app working in a very similar way to TrickMo but instead it works on targeting only the financial applications. It was used to intercept messages and also hack the authentications codes for SMS.
Why is BlackRock Dangerous?
The main thing that makes BlackRock dangerous is the number of apps present in the target list. Before it, the malware used to target some specific types of applications but now, BlackRock is focused on all apps. People behind BlackRock will continue to improve their malware and make it more dangerous than ever.
With the changes being made in the banking trojans, it has become very easy for banking malware and spyware to become united and become a greater security threat for big organizations.
Related Post: Record Increase Rate in Coronavirus Cases
Follow Us For More Updates (AI Crowds)