Live Updates: COVID-19 Cases
  • World 18,350,731
    World
    Confirmed: 18,350,731
    Active: 6,105,449
    Recovered: 11,550,374
    Death: 694,908
  • USA 4,832,187
    USA
    Confirmed: 4,832,187
    Active: 2,283,927
    Recovered: 2,389,698
    Death: 158,562
  • Brazil 2,736,298
    Brazil
    Confirmed: 2,736,298
    Active: 758,021
    Recovered: 1,884,051
    Death: 94,226
  • India 1,852,156
    India
    Confirmed: 1,852,156
    Active: 584,016
    Recovered: 1,229,171
    Death: 38,969
  • Russia 856,264
    Russia
    Confirmed: 856,264
    Active: 188,464
    Recovered: 653,593
    Death: 14,207
  • South Africa 511,485
    South Africa
    Confirmed: 511,485
    Active: 155,892
    Recovered: 347,227
    Death: 8,366
  • Mexico 439,046
    Mexico
    Confirmed: 439,046
    Active: 101,906
    Recovered: 289,394
    Death: 47,746
  • Peru 428,850
    Peru
    Confirmed: 428,850
    Active: 115,049
    Recovered: 294,187
    Death: 19,614
  • Chile 361,493
    Chile
    Confirmed: 361,493
    Active: 17,810
    Recovered: 333,976
    Death: 9,707
  • Spain 344,134
    Spain
    Confirmed: 344,134
    Active: 315,662
    Recovered: ?
    Death: 28,472
  • Iran 312,035
    Iran
    Confirmed: 312,035
    Active: 24,402
    Recovered: 270,228
    Death: 17,405
  • UK 305,623
    UK
    Confirmed: 305,623
    Active: 259,413
    Recovered: ?
    Death: 46,210
  • Saudi Arabia 280,093
    Saudi Arabia
    Confirmed: 280,093
    Active: 35,089
    Recovered: 242,055
    Death: 2,949
  • Pakistan 280,029
    Pakistan
    Confirmed: 280,029
    Active: 25,172
    Recovered: 248,873
    Death: 5,984
  • Italy 248,229
    Italy
    Confirmed: 248,229
    Active: 12,474
    Recovered: 200,589
    Death: 35,166
  • Bangladesh 242,102
    Bangladesh
    Confirmed: 242,102
    Active: 101,013
    Recovered: 137,905
    Death: 3,184
  • Turkey 233,851
    Turkey
    Confirmed: 233,851
    Active: 10,607
    Recovered: 217,497
    Death: 5,747
  • Germany 212,060
    Germany
    Confirmed: 212,060
    Active: 9,234
    Recovered: 193,600
    Death: 9,226
  • France 187,919
    France
    Confirmed: 187,919
    Active: 76,154
    Recovered: 81,500
    Death: 30,265
  • Canada 117,007
    Canada
    Confirmed: 117,007
    Active: 6,482
    Recovered: 101,578
    Death: 8,947
  • China 84,428
    China
    Confirmed: 84,428
    Active: 781
    Recovered: 79,013
    Death: 4,634
  • Netherlands 55,470
    Netherlands
    Confirmed: 55,470
    Active: 49,321
    Recovered: ?
    Death: 6,149
  • Australia 18,318
    Australia
    Confirmed: 18,318
    Active: 7,475
    Recovered: 10,622
    Death: 221
  • S. Korea 14,389
    S. Korea
    Confirmed: 14,389
    Active: 808
    Recovered: 13,280
    Death: 301
  • New Zealand 1,567
    New Zealand
    Confirmed: 1,567
    Active: 27
    Recovered: 1,518
    Death: 22

Android malware ‘BlackRock’ prowling in cyberspace, may steal banking data: Advisory

Author at TechGenyz India
Cyber security
A picture of woman with internet cyber network credit: @geralt |Pixabay

The country’s cybersecurity agency has issued an alert against Android malware, dubbed ‘BlackRock’, that has the potential to “steal” banking and other confidential data of a user.

It can extract credentials and credit card information from over 300 apps such as email, e-commerce apps, social media apps, besides banking and financial apps, the CERT-In said in an advisory.

The “attack campaign” of this ‘Trojan’ category virus is active globally, said the Computer Emergency Response Team of India (CERT-In), the national technology arm to combat cyberattacks and guard Indian cyberspace.

“It is reported that a new Android malware strain dubbed ‘BlackRock’ equipped with data-stealing capabilities is attacking a wide range of Android applications.

The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan,- The advisory said.

The “noteworthy feature” of this malware is that its target list contains 337 applications including banking and financial applications, and also non-financial and well-known commonly used brand name apps on an Android device that focus on social, communication, networking and dating platforms, it said.

“It can steal credentials and credit card information from over 300 plus apps like email clients, e-commerce apps, virtual currency, messaging or social media apps, entertainment apps, banking and financial apps etc,” the advisory said.

The advisory described the infection activity of the virus.

When the malware is launched on the victim’s device, it hides its icon from the app drawer and then masquerades itself as a fake Google update to request accessibility service privileges.

“Once this privilege is granted, it becomes free to grant itself additional permissions allowing it to function further without interacting with user,” it said.

Threat operators can issue a number of commands for various operations such as logging keystrokes, spamming the victims’ contact lists with text messages, setting the malware as the default SMS manager, pushing system notifications to the C2 (command and control) server, locking the victim in the device home screen and steal and hide notifications, send spam and steal SMS messages and many more such activities, the advisory said.

The virus is deadly as it has the capability to “deflect” majority of anti-virus applications.

Another feature of this Android Trojan is making use of “Android work profiles” to control the compromised device without requiring complete admin rights and instead of creating and attributing its own managed profile to gain admin privileges,- it said.

The federal cybersecurity agency suggested some counter-measures: do not download and install applications from untrusted sources and use reputed application market only; always review the app details, number of downloads, user reviews and check ‘additional information’ section before downloading an app from play store, use device encryption or encrypting external SD card; avoid using unsecured, unknown Wi-Fi networks among others.

Also, when it comes to downloading banking apps one should use the official and verified version and users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware, the advisory said.

Career

Subscribe