A new Android malware has been discovered by a team of security researchers that affects a range of social, communication and dating apps. The name of the malware is BlackRock and it is a banking Trojan, which is derived from the code of the existing Xerx malware (virus). However, despite being a banking Trojan, it is said to affect non-financial applications. It pretends to be a Google update at first, and once users’ permission is granted, it hides its icon from the app drawer and starts working in the background.

The analyst team of Netherlands-based threat intelligence firm ThreatFabric accordingBlackRock was first spotted in the Android world in May. It is capable of stealing users’ information as well as credit card information.

Although the BlackRock malware has similar capabilities to the average Android banking Trojan, it affects a total of 337 apps, which is much more than the current known Trojans.

This malware is designed to perform tasks like overlay attack, spam, SMS theft and lock the victim into launcher. It also acts like a keylogger, which helps hackers gain access to user financial information. Not only this, researchers have also found that this malware has the ability to evade antivirus like Avast, AVG, BitDefender, Eset, Trend Micro, Kaspersky or McAfee.

According to ThreatFabric, the BlackRock malware uses an accessibility service included in Android to place a matching layer on top of the original app to capture the information entered by users. It is specially designed to capture the credit card information of the user.

Leave a Reply

Your email address will not be published.