BlackRock Android Malware
The BlackRock Android Malware is a new mobile threat that is being actively propagated via bogus Google updates that are being hosted on 3rd-party app stores. Users who are tricked into downloading and running one of the fake update installers may unknowingly introduce the BlackRock Android Malware to their mobile device. Once the malware implant is active, it may ask the user to give it permission to access the 'Android Accessibility' module – this is a common tactic that Android malware uses, since this permission enables them to perform all kinds of operations on the infected device.
The core functionality of the BlackRock Android Malware is similar to banking Trojans, but its creators have made one huge improvements – instead of targeting just a few selected financial applications, the BlackRock Android Malware goes after over 300 apps that belong in different categories such as financial, social media, photography, news, dating, video editing, and more.
BlackRock Hijacks Login Credentials, Payment Information, and Other Sensitive Data
The primary goal of the BlackRock Android Malware is to steal sensitive payment information and login credentials from its victims. It achieves this by inserting carefully designed overlays whenever users try to open one of the apps that the malware targets – the overlay may prompt the victim to either enter their account data, or to confirm their payment option. If the victim complies with these requests, the information they enter will be transmitted to the command and control server of BlackRock's operators.
On top of display fraudulent overlays, the BlackRock Android Malware can execute additional tasks such as:
- Read incoming text messages before the user sees them – often used to bypass two-factor authentication via a text message code.
- Send SMS messages to all contacts.
- Run apps.
- Log key taps – like a mobile keylogger.
- Show push notifications with content provided by the attacker.
- Disable mobile security software.
Although the BlackRock Android Malware has not made its way to the Google Play Store yet, it is very likely that this will happen in the near future. Many cybercriminals have successfully bypassed Google's app review process to plant malware on the official Google Play Store, and it would certainly not be a surprise of BlackRock's creators also succeed.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.