New BlackRock Android Malware can steal passwords and card data from 337 apps

Parthiv Menon

July 15, 2020

A new Android malware named BlackRock emerged in late May this year and was identified by a mobile security firm ThreadFabric. Researchers say that this malware is based on the source code of another malware named Xerxes. The malware has been additionally equipped to enhance its credit card and password theft capabilities. BlackRock is believed to target at least 337 apps and steals credentials like most trojans. According to ThreadFabric, the data collection happens via a technique called ‘overlay’ where the user is shown a fake window on attempting to authenticate with the legitimate app. Financial and social media apps are where most of the phishing overlays operate. However, dating, news, shopping, and productivity apps have also been affected. The malware requests access to the Accessibility feature of the phone and then uses it to display malicious overlays. Researchers at ThreadFabric also say that the malware can intercept messages, spam contacts with pre-defined messages, log key taps, and show custom push notifications. Being disguised as an official google update package offered on a third party site, BlackRock hasn’t yet been spotted on Play Store.

Abridged fromZDnet