The Dutch security agency ThreatFabric, which is responsible for, for example, the February detection of a virus capable of breaking even two-phase verifications, warns of another variant of mobile malware. So a virus that steals and misuses access data. As in the previous case, it is a tool from the RAT (Remote Access Trojan) category, ie remotely controllable. The threat of this new malware virus, called BlackRock, is that it can easily fool users, overlay the selected application with its own layer and then collect the entered information. Most often access to banking or data on payment cards. Unlike its predecessors, this is much more promising. It can “connect” to more than 300 applications led by giants jako Facebook, Instagram, WhatsApp, Google Pay, YouTube, Skype, Snapchat, Twitter nebo Netflix.
At first glance, it is almost invisible
The important information is that this “trojan” has only a minimal chance of penetrating the phone from the official Play Store. So if you only use one, you most likely have nothing to worry about. BlackRock malware is distributed through installations from other, unverified sources. So be very careful if you do not have good experience with them. You probably wouldn’t have to know right away that you have this insidious wrecker on your mobile phone at first. After installation, it hides its icon and, disguised as a system update, asks for the highest possible access that the user can grant it. In this moment grabs the system and covers applications from “its” very wide list with its overlays (you will find the complete one on the web with the report). And he is happy to collect data. In this state, it is essentially undetectable and the system behaves suspiciously only in more advanced processes. For example, BlackRock completely blocks the installation of antivirus applications.
What else, for example, can BlackRock malware do and cause? SPAMs in messages reads and forwards all conversations or records all entries to the phone to any author. And it can also lock the screen. However, these are actually only minor problems against being able to user quite easy to vacuum the entire bank account or take over accounts for various services. BlackRock belongs to a series of virus tools that follow on from LokiBot from 2016. In 2019, this malware was called Xerxes.
Do you ever download apps outside of the Play Store?