While the malware hasn’t been seen on Google Play yet, it targets a wide number of apps and you should know what to look out for.
Your personal information is under threat yet again, as a new Android-focused malware is making the rounds.
What threat? Called BlackRock, it works much like other trojans and viruses, but it targets more apps than its predecessors, including banking, navigation, social media, dating and music apps, video players, and more. When in full effect, it can steal your username and passwords for various apps, as well as your banking information, like a debit card’s CVV number.
How does BlackRock work? As explained by mobile security firm ThreatFabric, once the malware has made its way onto your Android device, it will hide its app icon from the user, then proceed to ask for Accessibility Service privileges while masquerading as a Google update. Once it has those permissions, it will give itself more power over your device, so it can really get started.
To steal your aforementioned login credentials, it will place a convincing overlay on top of the real app you’re trying to use, then send you through to the app once it has everything it needs. Beyond that, BlackRock can also send and steal SMS messages, hide notifications, block you from using antivirus apps, act as a keylogger, and more.
How do you get it? Currently, BlackRock appears on third-party websites as a fake Google update. And while it hasn’t been seen on the Google Play Store, ZDNet notes that previous malware attempts have made it through Google’s app review process, so be wary of any new apps you come across.
Bottom line: It’s easy to think that since an app is on the Google Play Store, it’s legitimate and has been thoroughly vetted, but you should always make a point to investigate the apps you install regardless (and make Android backups beforehand). If the threats to your devices are stepping their game up, so should you.