{"id":9105,"date":"2020-07-21T12:16:46","date_gmt":"2020-07-21T06:46:46","guid":{"rendered":"https:\/\/triumphias.com\/blog\/?p=9105"},"modified":"2020-07-21T12:16:46","modified_gmt":"2020-07-21T06:46:46","slug":"blackrock-malware","status":"publish","type":"post","link":"https:\/\/triumphias.com\/blog\/blackrock-malware\/","title":{"rendered":"BlackRock malware"},"content":{"rendered":"
\n
\n

Relevance: Prelims: Science and technology<\/span><\/h1>\n

\"BlackRock<\/p>\n

Why in news?<\/strong><\/p>\n<\/header>\n<\/section>\n

\n

\u2022 Android malware has often found its ways to bypass Google\u2019s app review process. One of the well-known examples is Joker malware.<\/p>\n

\u2022 A new Android malware has been discovered that steals data such as password and credit card details from 337 apps including some of the popular ones like Gmail, Amazon, Netflix, Uber, and more.<\/p>\n

\u2022 The malware that goes by the name BlackRock comes with data theft capabilities, a report from ZDNet stated. The publication was the first to report about malware and discovered by mobile security firm ThreatFabric.<\/p>\n

How does BlackRock steal user details?<\/b><\/span><\/p>\n

\u2022 BlackRock malware functions just like any other Android malware. According to researchers at ThreatFabric, the BlackRock malware is based on the leaked source code of another malware strain Xerxes which in turn is based on other malware strains. The new malware is enhanced with more features related to stealing passwords and credit card details.<\/p>\n

\u2022 The report suggests that the malware steals login credentials including username and passwords) and sends prompt to users to enter payment credit card details.<\/p>\n

\u2022 The trojan collects data through a technique called \u201coverlays\u201d. It basically detects when a user interacts with a legitimate app and places a fake window on top that asks for login and credit card details before the user enters the actual app.<\/p>\n

\u2022 ThreatFabric researchers say BlackRock overlays happen towards phishing financial, social media, communications, dating, news, shopping, lifestyle, and productivity apps.<\/p>\n

\u2022 Once the app is installed on a smartphone, the trojan first asks the user to grant access to the phone\u2019s Accessibility feature.<\/p>\n

\u2022 It then users the Accessibility feature to grant itself access to other Android permissions. Then uses an Android DPC for access to admin. The malware then uses this access to display overlays to collect user credentials and credit card details.<\/p>\n

Intrusive operations:<\/b><\/span><\/p>\n

\u2022 Intercept SMS messages<\/p>\n

\u2022 Perform SMS floods<\/p>\n

\u2022 Spam contacts with predefined SMS<\/p>\n

\u2022 Start specific apps<\/p>\n

\u2022 Log key taps (keylogger functionality)<\/p>\n

\u2022 Show custom push notifications<\/p>\n

\u2022 Sabotage mobile antivirus apps, and more<\/p>\n

Way ahead:<\/b><\/span><\/p>\n

\u2022 The report states that BlackRock is distributed as fake Google update packages offered on third-party websites and has not been spotted on Google Play Store yet.<\/p>\n<\/div>\n

 <\/p>\n

For more such notes, Articles,News & Views Join our Telegram Channel.<\/strong><\/span><\/p>\n

https:\/\/t.me\/triumphias<\/strong><\/span><\/a><\/p>\n

Click the link below to see the details about the UPSC \u2013Civils courses offered by Triumph IAS.<\/strong> <\/span>https:\/\/triumphias.com\/pages-all-courses.php<\/a><\/strong><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Relevance: Prelims: Science and technology Why in news? \u2022 Android malware has often found its ways to bypass Google\u2019s app<\/p>\n","protected":false},"author":1,"featured_media":3528,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[525],"tags":[392],"class_list":["post-9105","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-daily-practice-problems","tag-union-public-service-commission-upsc"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/posts\/9105","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/comments?post=9105"}],"version-history":[{"count":1,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/posts\/9105\/revisions"}],"predecessor-version":[{"id":9106,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/posts\/9105\/revisions\/9106"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/media\/3528"}],"wp:attachment":[{"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/media?parent=9105"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/categories?post=9105"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/triumphias.com\/blog\/wp-json\/wp\/v2\/tags?post=9105"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}