New Delhi The country’s cyber security agency CERT-In has issued a warning about an Android malware named ‘BlackRock’, which has the ability to steal banking and user confidential data. In an ongoing consultation issued by the Computer Emergency Response Team of India (CERT-In), this malware can extract information and credit card information from more than 300 apps, including email, e-commerce apps, social media apps. The “attack campaign” of this ‘Trojan’ category virus is active globally.
“It has been found that a new Android malware ‘BlackRock’ is attacking a wide range of Android apps. It has the ability to steal information. This malware has been developed using the source code of the banking malware ‘SherShees’ , Which itself is a variant of the LokiBoat Android Trojan. ” The specialty of this malware is that its target list includes 337 applications (apps), including banking and financial apps.
Can steal more than 300 app notifications
“It can steal information and credit card information from more than 300 apps such as email clients, e-commerce apps, virtual currency, messaging or social media apps, entertainment apps, banking and financial apps,” said CERT-In.
This is how virus attacks
When the victim’s device is attacked with malware, it hides its icon from the app drawer. After this it exposes itself as fake Google update. As soon as the user approves for the said update, it then starts working independently of its own without seeking any other approval.
Phone keypad does not work
The agency said that with the help of this malware, the attacker can stop the keypad from working, scanning the victim’s contact list and messages, making the malware the default SMS medium, pushing the notification system to the command and control server, allowing the user to access the home screen You can give many other types of commands including restricting and hiding notifications, stealing information, sending spam, stealing SMS messages.
Able to cheat anti virus
This virus becomes even more deadly due to this, because it is capable of deceiving most anti-viruses. The cyber security agency said that to avoid this, do not download or install the app from unknown sources, use reputed and certified app stores, always check the detailed information of the app like number of downloads, user reviews etc. Apart from this, use encryption of the device to encrypt the external SD card and do not use unknown Wi-Y network etc.
What to do
If you are going to install banking app, always check the official and verified version. Along with this, users should also ensure that their device has a strong antivirus equipped with Artificial Intelligence (AI).