Android malware ‘BlackRock’ in cyber space with ability to steal banking data: CERT-In

Mukesh Ranjan

Tribune News Service

New Delhi, July 30

India’s top cyber security arm of the government CERT-In has issued an advisory alerting people about an android malware “BlackRock”, which is roaming in cyberspace and has the potential to “steal” critical banking and other confidential data of users of smart devices.

In the advisory, a copy of which is with The Tribune, Computer Emergency Response Team of India (CERT-In) said, this malware can “extract credentials and credit card information from over 300 apps” like email, e-commerce apps, social media apps, besides banking and financial apps.

“The attack campaign of this ‘Trojan’ category virus is active globally,” CERT-In, the national technology arm to combat cyber attacks and guard Indian cyber space, said, adding: “It is reported that a new Android malware strain dubbed ‘BlackRock’ equipped with data stealing capabilities is attacking a wide range of Android applications.”

“The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan,” the CERT-In said.

According to CERT-In advisory, the “noteworthy feature” of this malware is that its target list contains 337 applications, including banking and financial applications, and also non-financial and well-known commonly used brand name apps on Android devices that focus on social, communication, networking and dating platforms.

Meanwhile, on the issue of cyber security in the Indo-Pacific region during COVID-19 pandemic, the Australian High Commission in India, in a statement said, in recent months, “malicious cyber actors have sought to take advantage” of the situation. “We will work through multilateral and regional institutions to strengthen a rule-based cyberspace. Australia has announced a record boost to cyber security spending- more than Rs. 7,000 crore (AUD 1.35 billion) recruit 500 new experts,” it said.

Suggesting counter measures to remain safe from this malware, the CERT-In said, “Do not download and install applications from untrusted sources and use only reputed application markets only. Always review the app details, number of downloads, user reviews and check ‘additional information section before downloading an app from play store, use device encryption or encrypt external SD card and avoid using unsecured, unknown Wi-Fi networks.”

Also, when it comes to downloading banking apps one should use the official and verified version and users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware, it said.

Join Whatsapp Channel of The Tribune for latest updates.