Do you have an Android phone? If so, be advised that there's a new threat to be on the lookout for.

The threat takes the form of a malware strain that's being called BlackRock. It is a banking trojan that specializes in pilfering login and credit card information, which means that if you get infected, it's likely to hit you hard.

The new variant was discovered by security researchers and analysts operating out of ThreatFabric. Based on an analysis of the code, it is a derivative of the Xerxes banking malware, which traces its roots back to the LokiBot trojan.

The key difference between this malware strain and the strains it was derived from is this: LokiBot and Xerxes focused their attention exclusively on banking and payment card information. BlackRock is equally interested in social media and dating site logins.

It's a fairly stealthy piece of code, too, disguising itself as a Google Update, which requests Accessibility Services privileges and hiding its icon when it is launched. Even worse, once a victim grants the malware access to Accessibility Services, it will begin granting itself additional permissions out of the sight of the victim.

In addition to banking apps, BlackRock also targets a number of cryptocurrency wallet apps, including Coinbase, BitPay, and Binance, as well as popular apps like Microsoft Outlook, Gmail, Uber, Amazon, Netflix, and Google Play.

The researchers at ThreatFabric had this to say about their discovery:

"The second half of 2020 will come with its surprises, after Alien, Eventbot and BlackRock, we can expect that financially motivated threat actors will build new banking Trojans and continue improving the existing ones.

With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, banking malware will pose a threat for more organizations and their infrastructure, an organic change that we observed on Windows banking malware years ago."

All that to say, it's a serious threat, so be on the alert for it.

About the Author

Marty Parker

Marty Parker
Owner & General Manager

Marty is the Owner and General Manager of Heritage Digital. Marty has managed and built high-performing IT teams for over 30 years. He served 13 years in the manufacturing industry and 13 years in corporate-owned healthcare organizations. Before acquiring Heritage Digital, Marty was the Chief Information Officer of Carolinas Hospital System (now MUSC Health Florence Medical Center) in Florence, SC. Marty is passionate about educating and protecting people against cybercriminals.

Used with permission from Article Aggregator