
BlackRock Android Malware

Posted: July 16, 2020

The BlackRock Android Malware is a new mobile threat that is being actively propagated via bogus Google updates hosted on third-party app stores. Users who are tricked into downloading and running one of the fake update installers may unknowingly introduce the BlackRock Android Malware to their mobile device. Once the malware implant is active, it may ask the user for permission to access the 'Android Accessibility' module. This is a common tactic among Android malware, since this permission enables it to perform all kinds of operations on the infected device.

The core functionality of the BlackRock Android Malware is similar to that of banking Trojans, but its creators have made one huge improvement: instead of targeting just a few selected financial applications, the BlackRock Android Malware goes after over 300 apps that belong to different categories such as financial, social media, photography, news, dating, video editing, and more.

BlackRock Hijacks Login Credentials, Payment Information, and Other Sensitive Data

The primary goal of the BlackRock Android Malware is to steal sensitive payment information and login credentials from its victims. It achieves this by inserting carefully designed overlays whenever users try to open one of the apps that the malware targets – the overlay may prompt the victim to either enter their account data, or to confirm their payment option. If the victim complies with these requests, the information they enter will be transmitted to the command and control server of BlackRock's operators.

On top of displaying fraudulent overlays, the BlackRock Android Malware can execute additional tasks such as:

  • Read incoming text messages before the user sees them – often used to bypass two-factor authentication via a text message code.
  • Send SMS messages to all contacts.
  • Run apps.
  • Log key taps – like a mobile keylogger.
  • Show push notifications with content provided by the attacker.
  • Disable mobile security software.

Although the BlackRock Android Malware has not made its way to the Google Play Store yet, it is very likely that this will happen in the near future. Many cybercriminals have successfully bypassed Google's app review process to plant malware on the official Google Play Store, and it would certainly not be a surprise if BlackRock's creators also succeeded.
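A defender-side check for the two traits described above, an app that did not come from Google Play and that holds an enabled Accessibility service, is sketched below as an added example that is not part of the original article. It parses the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -3 -i`; the sample package names are constructed, and the `--live` switch is this script's own and assumes `adb` with USB debugging enabled.

```python
import re
import subprocess

PLAY_STORE = "com.android.vending"  # installer package name of Google Play

def parse_enabled_services(raw):
    """Parse `settings get secure enabled_accessibility_services` output:
    colon-separated 'package/ServiceClass' entries, or 'null' when empty."""
    raw = raw.strip()
    if not raw or raw == "null":
        return []
    return [tuple(e.split("/", 1)) for e in raw.split(":") if "/" in e]

def parse_installers(raw):
    """Parse `pm list packages -3 -i` lines of the form
    'package:<name>  installer=<installer|null>' into {name: installer}."""
    pattern = r"^package:(\S+)\s+installer=(\S+)"
    return {m.group(1): m.group(2) for m in re.finditer(pattern, raw, re.M)}

def risky_services(services_raw, packages_raw):
    """Enabled accessibility services owned by third-party apps
    that were not installed through Google Play."""
    installers = parse_installers(packages_raw)
    return [(pkg, cls, installers[pkg])
            for pkg, cls in parse_enabled_services(services_raw)
            if pkg in installers and installers[pkg] != PLAY_STORE]

def adb(*args):
    """Run one command in the attached device's shell, return its stdout."""
    return subprocess.run(["adb", "shell", *args], capture_output=True,
                          text=True, check=True).stdout

# Constructed sample output; com.example.* names are made up for illustration.
SAMPLE_SERVICES = ("com.google.android.marvin.talkback/"
                   "com.google.android.marvin.talkback.TalkBackService:"
                   "com.example.googleupdate/.UpdateAccessibilityService")
SAMPLE_PACKAGES = """package:com.example.notes  installer=com.android.vending
package:com.example.googleupdate  installer=null
"""

if __name__ == "__main__":
    import sys
    if "--live" in sys.argv:  # query the attached device instead of samples
        s = adb("settings", "get", "secure", "enabled_accessibility_services")
        p = adb("pm", "list", "packages", "-3", "-i")
    else:
        s, p = SAMPLE_SERVICES, SAMPLE_PACKAGES
    for pkg, cls, inst in risky_services(s, p):
        print(f"REVIEW: {pkg} ({cls}) installer={inst}")
```

A hit is a prompt for manual review rather than a verdict: apps from other legitimate stores or installed by device management tooling will also report a non-Play installer.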
