Android has never been untouched by things like Malware and Spyware. However, the security updates from Android have never let these things impact the user largely. Recently, the analyst team of ThreatFabric has discovered new Malware, which attacks the device to steal the credential and credit card information. The Malware is called as BlackRock and was first detected by the team in May 2020. The Malware is said to be targeting Social, communication, and dating applications on a mobile device. As per the analyst, BlackRock is a banking trojan derived from the code of existing Xerxes malware, which is a known strain of the LokiBot Android trojan.
This trojan works in a very different way, although it has been derived from banking trojan. It will deceive the user by showing itself as a Google Update and will install it on the device with the user’s permission. Once it is installed, it will not be visible in the app drawer, so the user will not see it and even remember if they have any such app in the long run. Although it’s hidden from the user, it will keep working in the background, stealing all the user’s critical information. It has been detected that the trojan is currently affecting 337 applications that are not related to the banking sector.
It mainly attacks the application, which uses the user’s credit card information to purchase certain services and products. The Malware is said to be designed to overlay attacks, send, spam, and steal SMS messages and lock the victim in the launcher activity. The biggest problem is that the Malware will not be detected in many popular and effective antivirus applications.
The Malware changes the settings of the Accessibility Service of Android and overlays a fake screen on top of an official app. The screen can be used to get the credential and credit card information. However, to make it work, it has to request the user to have access to Accessibility services. There is no confirmation on how long this trojan will remain on the platform. However, Android will certainly release updates in the future for the same.