Malware is extremely precarious as it has the ability to counter the majority of antivirus Apps.

Many of you might not know that our country has a dedicated Cyber Security agency CERT-In and it has warned of the Malware called BlackRock which according to them has the ability to steal Banking and other personal data of the user,

It can easily Collect credentials, credit card info, from around 300 apps categorized as mail apps, shopping apps e-commerce, social media apps, & most certainly banking apps too, revealed CERT in an advisory.

This Trojan class malware is on a hunting spree globally as of now, as told by the Computer Emergency Response Team Of India, The technology Wing that protects Indian Cyberspace. The attack was initially reported earlier this month and was first spotted in May.

It is being said that this malware has huge stealing potential and can attack a wide range of android apps.

The Malware is said to have been developed using the source code of its parent Xerxes banking malware which itself is a variant of Noteworthy LokiBot Android Trojan said the sources in the advisory.

The distinguishing feature of this malware is that t doesn't only target banking apps but also preys on other apps such as e-commerce and social media apps, also financial and entertainment apps.

Please note that when the malware enters the device of the user, It hides its icon from the app drawer and camouflages itself as a fake google update to request accessibility permissions.
Once it gets all the accessibility permissions it becomes free to act without letting the user know anything. 

The advisory warned people about what are the common patterns according to which these threats act and those include the following 
  • Logging keystrokes, spamming the victim's contact lists with random texts.
  • Setting the malware as the default app for either SMS or phone. 
  • Pushing system notifications to the command and control servers.
  • Locking the user on home screen and steal and hide notifications.
  • Send spam emails and messages and much more illicit acts.
Here are the suggested measure you can follow to be safe from the attack 
  1. Do not download and install apps from untrusted sources.
  2. Always review app details before installing or downloading it. 
  3. Use device encryption and also the SD card if you use one.
  4. Avoid using unsecured, unknown Wi-Fi networks.
Also when its abut banking apps one should use the verified versions only & also ensure that you have a strong AI-powered Anti-virus that's the least you can do.

Stay Safe 
Stay Tuned For More Updates

Post a Comment

Previous Post Next Post