The new Android Malware is targeting the Android apps that include banking, social media, dating and instant messaging apps.
There is a new Android malware that has emerged in the criminal underworld. It can equip a wide range of information deft abilities. The malware also allows it to target 337 Android applications at one time.
BlackRock is the name and this threat has emerged in May. It was discovered by ThreatFabric, a mobile security firm.
According to the researchers, this malware is based on leaked code sources or other malware strains. But this is enhanced with added features as it has the ability to theft os user passwords and information regarding credit cards.
BlackRock works like Android banking trojans. Just, it targets more apps than its many known predecessors.
It can steal login credentials but also it prompts the user to enter the card details. According to ThreatFabric, the collection of data happens when “overlays” that consists of detecting what the user really wants to do happens. They show a fake window that collects the data that is login details even before letting the user enter the legitimate app.
BlackRock is not really unique. It works like many other Android app’s malware that uses old and tried and tested ways.
Just after installation, the app tainted with BlackRock trojan collects the information by having access to the phone’s accessibility feature.
This feature is one of the powerful features. It can automate tasks and can even perform tasks on behalf of the user.
BlackRock also used this Accessibility feature to grant itself permission to have access over other android apps. It then becomes the admin to get hold over the device.
According to ThreatFabric, this trojan can perform other operations as well, like:
- Spam contacts with predefined SMS
- Intercept SMS messages
- Start specific apps
- Show custom push notifications
- Perform SMS floods
- Log key taps
- Sabotage mobile antivirus apps
Though, the gangs of Android malware have found ways to go through Google’s app review process prior to this trojan. Soon, users are likely to see BlackRock as the one that gets deployed in the Play Store.