
Android malware 'BlackRock' prowling in cyber space, may steal banking data: Advisory


PTI | New Delhi | Updated: 30-07-2020 15:32 IST | Created: 30-07-2020 15:32 IST

The country’s cyber security agency has issued an alert against an Android malware, dubbed 'BlackRock', that has the potential to "steal" banking and other confidential data of a user. It can extract credentials and credit card information from over 300 apps such as email, e-commerce apps, social media apps, besides banking and financial apps, the CERT-In said in an advisory.

The "attack campaign" of this 'Trojan' category virus is active globally, said the Computer Emergency Response Team of India (CERT-In), the national technology arm to combat cyberattacks and guard Indian cyber space.

"It is reported that a new Android malware strain dubbed 'BlackRock' equipped with data-stealing capabilities is attacking a wide range of Android applications.

"The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan," the advisory said.

The "noteworthy feature" of this malware is that its target list contains 337 applications, including banking and financial applications as well as non-financial, well-known and commonly used brand-name apps on an Android device that focus on social, communication, networking and dating platforms, it said.

"It can steal credentials and credit card information from over 300 plus apps like email clients, e-commerce apps, virtual currency, messaging or social media apps, entertainment apps, banking and financial apps etc," the advisory said.

The advisory described the infection activity of the virus.

"When the malware is launched on the victim's device, it hides its icon from app drawer and then masquerades itself as a fake Google update to request accessibility service privileges."

"Once this privilege is granted, it becomes free to grant itself additional permissions allowing it to function further without interacting with user," it said.

Threat operators can issue a number of commands for various operations such as logging keystrokes, spamming the victims' contact lists with text messages, setting the malware as the default SMS manager, pushing system notifications to the C2 (command and control) server, locking the victim in the device home screen, stealing and hiding notifications, sending spam and stealing SMS messages, and many more such activities, the advisory said.

The virus is deadly as it has the capability to "deflect" the majority of anti-virus applications.

"Another feature of this Android Trojan is making use of 'Android work profiles' to control the compromised device without requiring complete admin rights and instead creating and attributing its own managed profile to gain admin privileges," it said.

The federal cyber security agency suggested some counter-measures: do not download and install applications from untrusted sources and use only a reputed application market; always review the app details, number of downloads and user reviews, and check the 'additional information' section before downloading an app from the Play Store; use device encryption or encrypt the external SD card; and avoid using unsecured, unknown Wi-Fi networks, among others.

Also, when it comes to downloading banking apps, one should use the official and verified version, and users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware, the advisory said.
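The infection chain described in the advisory (a sideloaded app that hides its icon and then obtains accessibility service privileges) leaves traits a device owner or administrator can audit. The following is an added example, not part of the advisory or the original report: it flags enabled accessibility services that came from outside a trusted store or have no launcher icon. The package names, sample outputs and the trusted-installer set are constructed assumptions.

```python
import re

# Constructed sample data (not from the advisory). On a real device the same
# text comes from:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i
ENABLED_A11Y = ("com.google.android.marvin.talkback/.TalkBackService:"
                "com.example.gupdate/com.example.gupdate.UpdateService")
PM_LIST = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.gupdate  installer=null
package:com.example.notes  installer=com.android.vending
"""
# Packages that expose a launcher icon (constructed; collect per device).
LAUNCHABLE = {"com.google.android.marvin.talkback", "com.example.notes"}
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: Play Store only


def a11y_packages(setting):
    """Package names from the colon-separated 'pkg/class' component list."""
    if not setting or setting.strip() in ("", "null"):
        return set()
    return {c.split("/", 1)[0] for c in setting.strip().split(":") if "/" in c}


def installers(pm_output):
    """Map package -> installer from 'pm list packages -i' output."""
    pairs = re.findall(r"^package:(\S+)\s+installer=(\S+)", pm_output, re.M)
    return dict(pairs)


def audit(setting, pm_output, launchable, trusted=TRUSTED_INSTALLERS):
    """Return {package: [reasons]} for accessibility services worth reviewing."""
    inst = installers(pm_output)
    findings = {}
    for pkg in sorted(a11y_packages(setting)):
        reasons = []
        if inst.get(pkg) not in trusted:
            reasons.append("sideloaded or unknown installer")
        if pkg not in launchable:
            reasons.append("no launcher icon")
        if reasons:
            findings[pkg] = reasons
    return findings


if __name__ == "__main__":
    for pkg, reasons in audit(ENABLED_A11Y, PM_LIST, LAUNCHABLE).items():
        print(pkg, "->", ", ".join(reasons))
```

Preinstalled system accessibility services also report no installer and often have no launcher icon, so a finding is a prompt for manual review rather than a verdict.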

