New BlackRock Android malware can steal passwords and card data from 337 apps
Android apps targeted by this new trojan include banking, dating, social media, and instant messaging apps.
A new Android malware strain has emerged in the criminal underworld that comes equipped with a wide range of data theft capabilities allowing it to target a whopping 337 Android applications.
Named BlackRock, this new threat emerged in May this year and was discovered from mobile security firm ThreatFabric.
Researchers say the malware was based on the leaked source code of another malware strain (Xerxes, based itself on other malware strains) but was enhanced with additional features, especially on the side that deals with the theft of user passwords and credit card information.
BlackRock still works like most Android banking trojans, though, except it targets more apps than most of its predecessors.
The trojan will steal both login credentials (username and passwords), where available, but also prompt the victim to enter payment card details if the apps support financial transactions.
Per ThreatFabric, the data collection takes place via a technique called "overlays," which consists of detecting when a user tries to interact with a legitimate app and showing a fake window on top that collects the victim's login details and card data before allowing the user to enter the intended legitimate app.
In a report shared with ZDNet this week prior to publication, ThreatFabric researchers say the vast majority of BlackRock overlays are geared towards phishing financial and social media/communications apps. However, there are also overlays included for phishing data from dating, news, shopping, lifestyle, and productivity apps. The full list of targeted apps is included in the BlackRock report.
10000 Jobs in Jammu and Kashmir
Get All The Latest Official Government jobs Delivered Straight Into Your Inbox For Free!
0 Comments
did you like our Jobs portal ?