A new android malware named Black Rock has been detected. It can steal data from almost 337 android apps. This malware, detected in early May is said to be dangerous enough to many popular apps like Snapchat, Gmail, and Uber. Mobile Cyber Security Company ‘Thread Fabric’ gave out more details about Black Rock.
The source code for Black Rock is similar to another recently discovered malware named Xerxes. Nevertheless, this new one has more upgraded features. They have the capability of stealing credit, debit card credentials, and passwords.
Unlike other Android apps, the target number of Black Rock is quite high; to be precise it has been 337 so far. The target includes popular and widely used Twitter, Microsoft outlook, google play services, Netflix, and Amazon to name a few. Besides, it also includes many shopping, lifestyle, news, and dating apps. The full list of all suspected target apps is available on the site of Thread Fabric.
How does it work?
Method Overlay is used by Black Rock to steal data. They use fake windows and popups for the illegal operation. Users can never identify or differentiate this and are tricked to fill in their details as if in the legitimate app.
Once it enters the target system, it takes control over the android accessibility. This makes it easier for the malware to enter any app on the phone without the user’s permission. To get the admin access, Black Rock controls the Android DPC (device policy controller) and create overlays. It can log into apps, control messages, and collect device information. Not to mention, researches say that it is even capable of diverting antivirus software like Avast, AVG, and Kaspersky among many others.
Malware gains access to target devices through fake google updates. Once it enters, it can hide its app icon and carry out malicious activities in the background without the user’s knowledge. So it is absolutely necessary to check the security of device updates.
More technology news:
Reliance Jio’s 2G free India
Google and Apple preview new emojis