
Android malware ‘BlackRock’ may steal your banking data

PTI
Published Jul 30, 2020, 4:16 pm IST
Updated Jul 30, 2020, 4:16 pm IST
BlackRock malware targets 337 applications including brand name apps for social, communication, networking and dating platforms on Android.
When the malware is launched on the victim’s device, it hides its icon from app drawer and then masquerades itself as a fake Google update to request accessibility service privileges. (Photo | Flickr - www.thoughtcatalog.com)

New Delhi: The country’s cyber security agency has issued an alert against an Android malware, dubbed ‘BlackRock’, that has the potential to “steal” banking and other confidential data of a user. It can extract credentials and credit card information from over 300 apps such as email, e-commerce apps, social media apps, besides banking and financial apps, the CERT-In said in an advisory.

The “attack campaign” of this ‘Trojan’ category virus is active globally, said the Computer Emergency Response Team of India (CERT-In), the national technology arm to combat cyberattacks and guard Indian cyber space.

 

“It is reported that a new Android malware strain dubbed ‘BlackRock’ equipped with data-stealing capabilities is attacking a wide range of Android applications.

“The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan,” the advisory said.

The “noteworthy feature” of this malware is that its target list contains 337 applications including banking and financial applications, and also non-financial and well-known commonly used brand name apps on an Android device that focus on social, communication, networking and dating platforms, it said.

 

“It can steal credentials and credit card information from over 300 plus apps like email clients, e-commerce apps, virtual currency, messaging or social media apps, entertainment apps, banking and financial apps etc,” the advisory said.

The advisory described the infection activity of the virus.

“When the malware is launched on the victim’s device, it hides its icon from app drawer and then masquerades itself as a fake Google update to request accessibility service privileges.”

“Once this privilege is granted, it becomes free to grant itself additional permissions allowing it to function further without interacting with user,” it said.

 

Threat operators can issue a number of commands for various operations such as logging keystrokes, spamming the victims’ contact lists with text messages, setting the malware as the default SMS manager, pushing system notifications to the C2 (command and control) server, locking the victim in the device home screen, stealing and hiding notifications, sending spam and stealing SMS messages, and many more such activities, the advisory said.

The virus is deadly as it has the capability to “deflect” the majority of anti-virus applications.

 

“Another feature of this Android Trojan is making use of ‘Android work profiles’ to control the compromised device without requiring complete admin rights and instead creating and attributing its own managed profile to gain admin privileges,” it said.
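
The behaviours the advisory describes (an unexpected accessibility service, a changed default SMS app, a newly created managed profile) each leave a trace that a defender can read from a device over adb. The following is an added example, not part of the advisory or the original article: it parses captured output of three standard adb commands and lists items for manual review. The sample output, the package `com.example.googleupdate` and the allowlists are constructed for illustration, and a finding is a prompt to review, not proof of infection.

```python
import re

# Constructed sample output (not from a real device) of:
#   adb shell settings get secure enabled_accessibility_services
SAMPLE_A11Y = ("com.google.android.marvin.talkback/.TalkBackService:"
               "com.example.googleupdate/com.example.googleupdate.UpdSvc")
#   adb shell settings get secure sms_default_application
SAMPLE_SMS = "com.example.googleupdate"
#   adb shell pm list users
SAMPLE_USERS = """Users:
\tUserInfo{0:Owner:c13} running
\tUserInfo{10:Work profile:1030} running
"""

# Hypothetical allowlists: what this device is expected to have enabled.
EXPECTED_A11Y = {"com.google.android.marvin.talkback"}
EXPECTED_SMS = {"com.google.android.apps.messaging"}
FLAG_MANAGED_PROFILE = 0x20  # AOSP UserInfo flag, printed in hex by pm

def accessibility_packages(setting):
    """Packages owning an enabled accessibility service ('pkg/cls:pkg/cls')."""
    setting = (setting or "").strip()
    if setting in ("", "null"):
        return set()
    return {comp.split("/", 1)[0] for comp in setting.split(":") if comp}

def managed_profiles(pm_output):
    """(user id, name) for every user whose flags mark a managed profile."""
    found = []
    for m in re.finditer(r"UserInfo\{(\d+):(.*?):([0-9a-fA-F]+)\}", pm_output):
        if int(m.group(3), 16) & FLAG_MANAGED_PROFILE:
            found.append((int(m.group(1)), m.group(2)))
    return found

def triage(a11y, sms, users):
    """Return (kind, detail) findings that deserve a manual look."""
    findings = []
    for pkg in sorted(accessibility_packages(a11y) - EXPECTED_A11Y):
        findings.append(("accessibility-service", pkg))
    sms = (sms or "").strip()
    if sms not in ("", "null") and sms not in EXPECTED_SMS:
        findings.append(("default-sms-app", sms))
    for uid, name in managed_profiles(users):
        findings.append(("managed-profile", f"user {uid} ({name})"))
    return findings

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_A11Y, SAMPLE_SMS, SAMPLE_USERS):
        print(f"REVIEW {kind}: {detail}")
```

On a device enrolled in a legitimate enterprise work profile, the managed-profile finding is expected and should be matched against the organisation's own enrolment records.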

The federal cyber security agency suggested some counter-measures: do not download and install applications from untrusted sources and use reputed application market only; always review the app details, number of downloads, user reviews and check the ‘additional information’ section before downloading an app from the Play Store; use device encryption or encrypt external SD card; avoid using unsecured, unknown Wi-Fi networks, among others.

 

Also, when it comes to downloading banking apps, one should use the official and verified version, and users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware, the advisory said.
