What's New :
What's New :

info@iasscore.in

8448496262

हिन्दी

CURRENT AFFAIRS FOR UPSC IAS

BlackRock Android malware

facebook sharing button
telegram sharing button
whatsapp sharing button
twitter sharing button
twitter sharing button Copy

Published: 27th Jul, 2020

Security firm ThreatFabric has alerted about a new malware, called BlackRock, which can steal information like passwords and credit card information from about 377 smartphone applications, including Amazon, Facebook, Gmail, and Tinder.

Context

Security firm ThreatFabric has alerted about a new malware, called BlackRock, which can steal information like passwords and credit card information from about 377 smartphone applications, including Amazon, Facebook, Gmail, and Tinder.

About

  • BlackRock is not exactly a new malware. It is based on the leaked source code of the Xeres malware, itself derived from a malware called LokiBot.
  • The only big difference between BlackRock and other Android banking trojans is that it can target more apps than previous malware.
  • According to the ThreatFabric, the malware can be used to send and steal SMS messages, hide notifications, keylogging, AV detection, and much more.
  • The new malware is so powerful that it makes antivirus applications useless.
  • BlackRock isn’t limited to online banking apps and targets general-purpose apps across various categories of Books & Reference, Business, Communication, Dating, Entertainment, Lifestyle, Music & Audio, News & Magazine, Tools, and Video Players & Editors.

How does it work?

  • Once installed on a phone, it monitors the targeted app. When the user enters the login and/or credit card details, the malware sends the information to a server.
  • BlackRock uses the phone’s Accessibility feature and then uses an Android DPC (device policy controller) to provide access to other permissions.
  • When the malware is first launched on the device, it hides its icon from the app drawer, making it invisible to the end-user. It then asks for accessibility service privileges.
  • Once this privilege is granted, BlackRock grants itself additional permissions required to fully function without having to interact any further with the victim. At this point, the bot is ready to receive commands from the command-and-control server and execute overlay attacks.

Protection from BlackRock Android malware

  • Download apps only from the Google Play Stores, use strong passwords, beware of spam and phishing emails, use an antivirus app if possible, and check app permissions.

More Articles

First-Ever Digital Census in 2027
Brazil BRICS Summit
PARAKH Dissemination Portal
700 MWe PHWRs at Kakrapar
Matrilineal Clans in Neolithic China
Forest Rights Act,2006

Verifying, please be patient.

GS SCORE is a teaching platform for Civil Services Examination, both in classroom and online.

  • GS SCORE Telegram
  • GS SCORE Facebook
  • GS SCORE
  • GS SCORE YouTube
  • GS SCORE Linkedin
  • GS SCORE X
  • GS SCORE Instagram
  • GS SCORE Whatsapp

Our Center

IAS SCORE - GS SCORE Official Website

Delhi (Karol Bagh) Centre

GS SCORE, Second Floor, Metro Tower, 1B, Pusa Road,
Karol Bagh, New Delhi - 110005 (Beside Karol Bagh
Metro Station Gate No. 8)

Email: info@iasscore.in

Phone: +91 8448496262

COURSES

TOPPER'S CORNER

RESOURCES

STATE PCS

ACTIVITY

POLICY

ABOUT

Enquire Now