The Parliament received a report stating that BlackRock, a malware with data-stealing capabilities, has been targeting Android mobile devices. The malware is capable of stealing data from more than 300 apps including various email apps, social media apps, messaging apps, and e-commerce apps.
BlackRock isn’t a new malware, but one that is based on the leaked code of the Xeres malware, which itself is derived from another malware called LokiBot.
The only difference between BlackRock and this other malware is that BlackRock can target more apps, including the most common ones such as Facebook, Amazon, Tinder, and Gmail, which is what makes it very dangerous.
The way the malware works is very simple but highly efficient. Once loaded on a mobile device, it first makes itself invisible to the victim by hiding all kinds of information about it from the user.
Unknown to the user, it then uses the accessibility feature on the phone and then an Android DPC (Device Policy Controller) to grant itself all other permissions required.
This way, the victim doesn’t interact with the malware in any way and does not know its presence. Once this is done, every time a password or credit card detail is entered, the malware sends this information to a server where the attacker has access to this information.
Some popular apps which this malware is capable of targeting are – PayPal, Amazon, eBay, Gmail, Google Play, Uber, Yahoo Mail, Amazon and Netflix (for usernames and passwords), and Facebook Messenger, Google Hangouts, Instagram, PlayStation, Reddit, Skype, TikTok, Twitter, WhatsApp, and YouTube (for card details).
Reports say that the malware is also capable of sending and stealing messages, hiding notifications, AV detection, keylogging, and many more actions. It is so powerful that it can render weak antivirus software useless by automatically sending the user to the home screen if they try to open the antivirus software.
This is why it is very essential to invest in a solid internet security program, with the best antivirus software and the best firewall systems. These are constantly updated to counter the latest malware such as BlackRock.
Some basic measures that one can take to counter the malware are to download apps only from the play store, use strong passwords, be careful with suspicious links, and by using strong antivirus software. Follow these and protect yourself and your data effectively.