Android: malware steals the passwords of the most famous applications

More than 300 applications have been the target of BlackRock, a new virus that steals the usernames and passwords of accounts on social networks, but also banking applications. Its trap is formidable since it hides in a fake update from Google.

BlackRock. It is the nickname given to the latest malware identified by ThreatFabric experts  . Discovered in May, this virus is rampant on Android and it is designed on the basis of the LokiBot malware, a Trojan horse whose specialty is to hack banking applications to steal user names and passwords .

What these researchers discovered is that BlackRock isn’t just targeting bank details, since it has already targeted more than 300 Android apps in areas like social media , communication or online dating. The virus can thus collect information to identify itself, but also take control of text messages or record what you type on the keyboard .

This fake update window from Google gives hackers access to the most advanced settings of Android.  © ThreatFabric

A fake Google update to trick the user

To achieve its ends, this malware traps Android by granting itself privileges on Android accessibility services. To do this, it displays fake update messages from Google , and if the user accepts, it gives him access to Android permissions . Once the trap has worked, it connects remotely with a server to launch attacks, but also to start collecting data.

Asked by  The Hacker News , experts report that the most popular applications of the moment are affected by this attack since we find Tinder, TikTok, Facebook but also Twitter , Uber, Amazon and Skype . They also found that the attacks affected the United States, Europe, Australia and Canada. France is in the Top 10 most affected.