The cybersecurity experts at ThreatFabric have shed light on the actions of a new malware on Android: BlackRock. The way this malware works is reminiscent of several other infamous major malware, including LokiBot and Anubis. If the latter were primarily aimed at banking applications, BlackRock is innovating somewhat and tackling messaging and social networking applications, without losing interest in banking apps. A renewal of targets which could be explained by the explosion in popularity that this type of apps experienced during confinement.
The researchers explain in their report that, like LokiBot and Anubis from which he took the source code, BlackRock is based on a so-called “overlay” attack. Once the malware has successfully deployed to a smartphone through a infected app or the like, it deploys and patiently waits for its victim to open WhatsApp, PayPal, Amazon, Outlook, or any of the 337 applications targeted for display a fake login page - by overlay - and thus retrieve the login details of its victim.
Multifunction
While the way malware works is nothing new, it has perfected over the years and can easily go unnoticed, potentially claiming significant numbers of victims. ThreatFabric researchers also point out that BlackRock is not only targeting messaging and social networking apps, but is also trying to recover the bank data of its victims.
To avoid this kind of unpleasant surprises and not to lose access to your various accounts, it is essential to be vigilant when downloading applications. If the Play Store has security measures to fight against applications infected with malware, some manage to find their way. Besides that, downloading apps outside of the official Google store poses a greater risk of encountering malware, especially when you don't know the publisher of the app or the exact source of the file. It is recommended that you only download apps from trusted sources. Installing an antivirus app can also be a way to protect yourself against malware and other Trojans.
High Tech
Dangerous Cerberus virus hits Android again by hiding in apps
High Tech
Twitter hacking: Hackers gained access to 36 direct messengers
- Cyber attack
- Social networks
- Smartphone
- Computer virus
- Android
- High Tech
- Cybersecurity
- Mobile app
- Cybercriminality