A new Android malware has been discovered by a team of security researchers that is found to target a several apps. The malware is called BlackRock and is a banking Trojan derived from the code of the existing Xerxes malware that is a known strain of the LokiBot Android trojan.
It can steal information like passwords and credit card information from several apps
Once the malware is installed on a phone, it monitors the targeted app. It uses a method called ‘overlays’ to trick users into filling in their log-in details and card details to enter the app.
When the user enters the login and/or credit card details, the malware sends the information to a server. It uses the phone’s Accessibility feature, and then uses an Android DPC (device policy controller) to provide access to other permissions.
In order to avoid the malware, download apps only from the Google Play Stores, use strong passwords, beware of spam and phishing emails, use an antivirus app if possible, and check app permissions.
