Android malware ‘BlackRock’ in cyber space with ability to steal banking data: CERT-In

'Target list' contains 337 applications, including banking and financial apps

Android malware ‘BlackRock’ in cyber space with ability to steal banking data: CERT-In

Photo for representation

Mukesh Ranjan

Tribune News Service

New Delhi, July 30

India’s top cyber security arm of the government CERT-In has issued an advisory alerting people about an android malware “BlackRock”, which is roaming in cyberspace and has the potential to “steal” critical banking and other confidential data of users of smart devices.

In the advisory, a copy of which is with The Tribune, Computer Emergency Response Team of India (CERT-In) said, this malware can “extract credentials and credit card information from over 300 apps” like email, e-commerce apps, social media apps, besides banking and financial apps.

“The attack campaign of this ‘Trojan’ category virus is active globally,” CERT-In, the national technology arm to combat cyber attacks and guard Indian cyber space, said, adding: “It is reported that a new Android malware strain dubbed ‘BlackRock’ equipped with data stealing capabilities is attacking a wide range of Android applications.”

“The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan,” the CERT-In said.

According to CERT-In advisory, the “noteworthy feature” of this malware is that its target list contains 337 applications, including banking and financial applications, and also non-financial and well-known commonly used brand name apps on Android devices that focus on social, communication, networking and dating platforms.

Meanwhile, on the issue of cyber security in the Indo-Pacific region during COVID-19 pandemic, the Australian High Commission in India, in a statement said, in recent months, “malicious cyber actors have sought to take advantage” of the situation. “We will work through multilateral and regional institutions to strengthen a rule-based cyberspace. Australia has announced a record boost to cyber security spending- more than Rs. 7,000 crore (AUD 1.35 billion) recruit 500 new experts,” it said.

Suggesting counter measures to remain safe from this malware, the CERT-In said, “Do not download and install applications from untrusted sources and use only reputed application markets only. Always review the app details, number of downloads, user reviews and check ‘additional information section before downloading an app from play store, use device encryption or encrypt external SD card and avoid using unsecured, unknown Wi-Fi networks.”

Also, when it comes to downloading banking apps one should use the official and verified version and users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware, it said.

Top Stories

Standoff with China likely to be prolonged: Defence Ministry

Standoff with China likely to be prolonged: Defence Ministry

Says Chinese aggression increasing along Line of Actual Cont...

CBI files FIR in Sushant Rajput suicide case, names Rhea Chakraborty, 5 others as accused

CBI files FIR in Sushant Rajput suicide case, names Rhea Chakraborty, 5 others as accused

Case filed a day after Centre accepted Bihar govt’s recommen...

RBI keeps interest rates on hold; raises limit for gold loans

RBI keeps interest rates on hold; raises limit for gold loans

After cutting interest rates by 115 basis points since Febru...

Punjab ministers seek expulsion of Bajwa, Dullo from Cong; duo hit back

Punjab ministers seek expulsion of Bajwa, Dullo from Cong; duo hit back

If govt ‘working against public interest’ cannot be criticis...

Cities

View All