India’s cybersecurity agency has issued an alert against Android malware, dubbed ‘BlackRock’, that has the potential to “steal” banking and other confidential data of a user. The attack campaign of this ‘Trojan’ category virus is active globally, said the CERT-In.
“BlackRock can extract credentials and credit card information from over 300 apps such as email, e-commerce apps, social media apps, besides banking- and financial apps,” the Computer Emergency Response Team of India (CERT-In) said in an advisory.
CERT-In is the national technology arm to combat cyberattacks and guard Indian cyberspace.
An important feature of this malware is its target list of 337 applications, which includes banking and financial apps as well as well-known, commonly used non-financial Android apps focused on social, communication, networking, and dating platforms.
“It can steal credentials and credit card information from over 300 plus apps such as email clients, e-commerce apps, virtual currency, messaging or social media apps, entertainment apps, banking- and financial apps, etc.,” the advisory said.
The advisory described the infection activity of the virus. “When the malware is launched on the victim’s device, it hides its icon from the app drawer and then masquerades itself as a fake Google update to request accessibility service privileges.”
“Once this privilege is granted, it becomes free to grant itself additional permissions allowing it to function further without interacting with the user,” it said.
The virus is deadly as it has the capability to “deflect” the majority of anti-virus applications.
The federal cybersecurity agency suggested some counter-measures such as:
- do not download and install applications from untrusted sources
- use only reputed application markets
- always review the app details, the number of downloads and user reviews, and check the ‘additional information’ section before downloading an app from the Play Store
- use device encryption or encrypt the external SD card
- avoid using unsecured and unknown Wi-Fi networks
- when downloading banking apps, use the official and verified version
- make sure a strong AI-powered mobile anti-virus is installed to detect and block any kind of malware.
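
The infection behaviour described above (an app from an untrusted source obtaining accessibility service privileges) can be audited on a device from the output of three standard `adb shell` commands. The following is an added example, not part of the CERT-In advisory; the package names and sample outputs are constructed, and treating the Play Store as the only trusted installer is an assumption.

```python
import re

# Constructed sample: `adb shell settings get secure enabled_accessibility_services`
SAMPLE_A11Y = ("com.google.android.marvin.talkback/"
               "com.google.android.marvin.talkback.TalkBackService:"
               "com.example.gupdate/.UpdateService")
# Constructed sample: `adb shell pm list packages -i`
SAMPLE_INSTALLERS = """\
package:com.google.android.marvin.talkback  installer=null
package:com.example.gupdate  installer=null
package:com.example.notes  installer=com.android.vending
"""
# Constructed sample: `adb shell pm list packages -s` (preinstalled system packages)
SAMPLE_SYSTEM = "package:com.google.android.marvin.talkback\n"

TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: Play Store only

def parse_a11y(raw):
    """Split the colon-separated component list into (package, class) pairs."""
    raw = raw.strip()
    if not raw or raw == "null":  # the setting prints "null" when unset
        return []
    return [tuple(c.split("/", 1)) for c in raw.split(":") if "/" in c]

def parse_installers(raw):
    """Map package name -> installer package, or None when none is recorded."""
    found = re.findall(r"^package:(\S+)\s+installer=(\S+)", raw, re.M)
    return {pkg: (None if inst == "null" else inst) for pkg, inst in found}

def parse_system(raw):
    """Return the set of package names listed as preinstalled."""
    return set(re.findall(r"^package:(\S+)", raw, re.M))

def suspicious_services(a11y_raw, installers_raw, system_raw=""):
    """Return enabled accessibility services whose package is neither
    preinstalled nor installed by a trusted market."""
    installers = parse_installers(installers_raw)
    system = parse_system(system_raw)
    findings = []
    for pkg, cls in parse_a11y(a11y_raw):
        installer = installers.get(pkg)
        if pkg not in system and installer not in TRUSTED_INSTALLERS:
            findings.append((pkg, cls, installer))
    return findings

if __name__ == "__main__":
    for pkg, cls, inst in suspicious_services(SAMPLE_A11Y, SAMPLE_INSTALLERS, SAMPLE_SYSTEM):
        print(f"review: {pkg}/{cls} (installer={inst})")
```

A flagged entry is a prompt for manual review rather than proof of infection, since legitimately sideloaded accessibility tools will also appear.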