Cyber security agency Computer Emergency Response Team of India – CERT-IN has issued a warning against Android malware called ‘BlackRock’, which has the potential to steal banking and user’s confidential data. Malware can extract information and credit card information from over 300 applications, including email, e-commerce applications, social media applications, virtual currency, messaging, entertainment applications, and banking. The “attack campaign” of this ‘Trojan’ category virus is active globally.
CERT-In successfully conducted "Black Swan – Cyber Security Breach Exercise" on COVID-19 pandemic themed cyber attacks with key stakeholders on 9th July 2020. pic.twitter.com/0gb66fKazG
— CERT-In (@IndianCERT) July 9, 2020
New malware ‘BlackRock’ is attacking Android app. Banking malware has been developed using the source code of ‘Shares’. The app hides its icon from the drawer. It then exposes itself as a fake Google update. As soon as the user approves the update, it starts working independently without asking for any other approval.
With the help of this malware, the attacker will make the malware the default SMS medium by activating the keypad, scanning the victim’s contact list and messages, forcing the notification system to command and control server, restricting the user to the home screen. You can give many other types of commands, including hiding information, stealing information, sending spam, stealing SMS messages. Antivirus is capable of cheating.