Every year, a new trojan is spotted which puts the Android users at risk. This time we have a new threat named BlackRock which is the worst of them all. It not only takes up your login credentials but all your sensitive information too. Let’s have a looks at what the trojan is and how it can affect you.
What is BlackRock?
BlackRock is not a new virus but a part of the LokiBot family which was spotted between 2016 and 2017. BlackRock was first spotted in May 2020. The source code resembles the Xerxes malware which came in 2019. After LokiBot, all the versions were named differently and upgraded to violate the latest version of Android in smartphones.
How does it Work?
The new malware BlackRock after getting installed on your system hides the main icon from the app drawer and works independently inside your device. Once it has the desired permission to access everything in your device, it automatically tracks and monitors everything that’s going on inside your smartphone including all the details your enter through your keyboard.
- Advertisement -
The trojan’s latest version display’s itself as a Google Update(Fake) in the Accessibility settings. Once you grant the permission, it automatically grants all the permission needed to monitor everything you do in the device.
Features of BlackRock
BlackRock can perform the following set of tasks on the target’s device:
- SMS listing
- SMS forwarding
- Device info collection
- Hiding the App icon
- Keylogging
- Grant permissions
- Preventing removal
- AV detection
- Screen-locking
- SMS Sending
One of the features of the Trojan is preventing removal. It means all your antivirus apps are useless in your device once the trojan is installed. Any antivirus you try to open will be forced closed and you’ll be redirected to the homepage. BlackRock will not allow you to open any antivirus in your device.
- Advertisement -
How to stay secure from BlackRock?
Currently, there is no fix or patch for the Trojan from any company but you can sure the security of your device and your information by following some general rules in your device. This includes not installing anything fishy from an unknown website, or a third-party app published other than PlayStore. This app would install in the fake name of Google Update and the rest is history.
Source: ThreatFabric
Read more from MeshPie.