Android malware ‘BlackRock’ in cyber space with ability to steal banking data: CERT-In

'Target list' contains 337 applications, including banking and financial apps

Android malware ‘BlackRock’ in cyber space with ability to steal banking data: CERT-In

Photo for representation

Mukesh Ranjan

Tribune News Service

New Delhi, July 30

India’s top cyber security arm of the government CERT-In has issued an advisory alerting people about an android malware “BlackRock”, which is roaming in cyberspace and has the potential to “steal” critical banking and other confidential data of users of smart devices.

In the advisory, a copy of which is with The Tribune, Computer Emergency Response Team of India (CERT-In) said, this malware can “extract credentials and credit card information from over 300 apps” like email, e-commerce apps, social media apps, besides banking and financial apps.

“The attack campaign of this ‘Trojan’ category virus is active globally,” CERT-In, the national technology arm to combat cyber attacks and guard Indian cyber space, said, adding: “It is reported that a new Android malware strain dubbed ‘BlackRock’ equipped with data stealing capabilities is attacking a wide range of Android applications.”

“The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan,” the CERT-In said.

According to CERT-In advisory, the “noteworthy feature” of this malware is that its target list contains 337 applications, including banking and financial applications, and also non-financial and well-known commonly used brand name apps on Android devices that focus on social, communication, networking and dating platforms.

Meanwhile, on the issue of cyber security in the Indo-Pacific region during COVID-19 pandemic, the Australian High Commission in India, in a statement said, in recent months, “malicious cyber actors have sought to take advantage” of the situation. “We will work through multilateral and regional institutions to strengthen a rule-based cyberspace. Australia has announced a record boost to cyber security spending- more than Rs. 7,000 crore (AUD 1.35 billion) recruit 500 new experts,” it said.

Suggesting counter measures to remain safe from this malware, the CERT-In said, “Do not download and install applications from untrusted sources and use only reputed application markets only. Always review the app details, number of downloads, user reviews and check ‘additional information section before downloading an app from play store, use device encryption or encrypt external SD card and avoid using unsecured, unknown Wi-Fi networks.”

Also, when it comes to downloading banking apps one should use the official and verified version and users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware, it said.

Tribune Shorts


Top Stories

Covid deaths in third wave majorly lower than second due to high vaccine uptake

Covid deaths in third wave majorly lower than second due to high vaccine uptake

Bed occupancy in Delhi stable despite rise in new and active...

Maharashtra to reopen schools from Monday as Omicron cases fall

Maharashtra to reopen schools from Monday as Omicron cases fall

Schools from Grade 1 to Grade 12 to reopen, says education m...

China's PLA abducts boy from inside Indian territory in Arunachal Pradesh, says state MP Tapir Gao

Indian Army seeks assistance from PLA to locate and return missing Arunachal youth

Arunachal Pradesh's MP Tapir Gao said on Wednesday that PLA ...

China’s Foreign Ministry says not aware of missing Arunachal youth

China’s Foreign Ministry says not aware of missing Arunachal youth

'Chinese PLA controls borders in accordance with the law and...

Cities

View All