BlackRock banking malware capable of targeting 337 apps
Security researchers have uncovered a new Android banking malware capable of targeting 337 apps.
BlackRock opens an overlay to steal users’ information
According to ThreatFabric the new malware is based on leaked source code of the Xerxes malware family.
Named BlackRock, the malware focuses on the theft of passwords and credit card information.
BlackRock differentiates itself from predecessors through an ability to infiltrate a larger number of applications.
The malware can steal information from Facebook, Instagram, Reddit, Tinder, TikTok and more. Once BlackRock is installed by a victim it sits in the background, waiting for a particular app to open.
When a victim opens an app the malware overlays a fake version of the original. BlackRock then steals any credentials the users enters onto this fake overlay.
The creators of BlackRock are reportedly the only ones using Xerxes source code, released in May 2019.
ThreatFabric reports that the malware hasn’t been able to infiltrate the Google Play Store and is instead targeting people using third-party app stores.
Kaspersky data shows that banking malware and trojans regularly target those in the corporate sector. Corporate users accounted for 35% of those attacked in 2019, up from 24% in 2018.
Related: 2020 Review – top five outages, data breaches & cyber-attacks this quarter
