It has been a while since the digital wave started, and it was increasing fast. However, the COVID-19 pandemic gave it an additional push. After the pandemic, online transactions and payments have increased considerably, but so have frauds and cyber attacks.
ThreatFabric, a Netherland-based cybersecurity firm, has notified a recently-detected new malware called BlackRock. With this malware, hackers and fraudsters have been targeting over 337 Android apps to steal card details. The report says there has been a steady increase in the number of new banking Trojans since 2014, however, 2020 shows an interesting increase again after a quiet calm 2019.
How does it work?
The malware uses overlays or fake windows with keylogger functionality on top of a legitimate app. It prompts the users to enter their card details to get access to the app. As soon as the users enter their card details, the hackers capture them.
Additionally, if such an app gets installed on your smartphones, the Trojan asks the user for the phone’s Accessibility feature, through which the malware gets access to other Android permissions. According to research and reports, the malware can intercept SMS messages, spam contacts with predefined SMS, sabotages mobile antivirus apps, performing SMS floods, shows custom push notifications, starts specific apps, etc. This malware also poses as fake Google updates, which many people can not differentiate.
What is at risk?
According to the ThreatFabric report, Gmail, Yahoo Mail, Microsoft Outlook, PayPal mobile cash, Amazon seller, Uber, Netflix, Amazon shopping, Binance, are targeted by this malware, along with banking apps such as iMobile by ICICI, YONO Lite SBI, and IDBI Bank Go Mobile+, among others.
This malware is also said to be able to steal data, passwords, and credit or debit card information from various apps.
Even though there is no clarity yet on how to handle this malware, experts say people should stay away from installing apps from an unknown source or grant permissions to an odd app.