A new Android malware named “BlackRock” has been discovered that steals data such as password and credit card details from 337 apps including some of the popular ones like Gmail, Amazon, Netflix, Uber, and more.
Daily Current Affairs Quiz 2020
Key-Points
BlackRock isn’t exactly a new malware. In fact, it is based on the leaked source code of the Xeres malware, itself derived from malware called LokiBot. The only big difference between BlackRock and other Android banking trojans is that it can target more apps than previous malwares.
The malware steals login credentials including username and passwords) and sends prompt to users to enter payment credit card details.
It collects data through a technique called “overlays”. It basically detects when a user interacts with a legitimate app and places a fake window on top that asks for login and credit card details before the user enters the actual app.
BlackRock works like most Android malware. Once installed on a phone, it monitors the targeted app. When the user enters the login and/or credit card details, the malware sends the information to a server. BlackRock uses the phone’s Accessibility feature, and then uses an Android DPC (device policy controller) to provide access to other permissions.
