What is Blackrock Android malware, and how to avoid it?

The widespread adoption of Android has brought unprecedented malware risks for users all around the world. Criminals continue to invent new and sophisticated methods to compromise apps and steal data from users.

They deploy various cutting-edge tools to carry out malicious activities. One of the major malware families currently attacking Android devices is Blackrock. It poses not one but many security threats, such as information theft and application attacks.

Blackrock is the new kid on the block, which is attacking a range of applications on the Google Play Store. It can steal information such as your bank account details, login details, and other crucial information about you.

Apps from giant telecom and IT organizations are not excluded. Blackrock has attacked famous apps, including Netflix, Facebook, YouTube, Amazon, Yahoo Mail, Instagram, Skype, Reddit, WhatsApp, Gmail, Uber, Tinder, and a whole lot more.

But that should not scare you.

This article, for which I took some insights from Ali Qamar, the consumer security champion at Privacy Savvy, alongside reading through some other quality security resources online, will uncover all about Blackrock: how it works and how you can protect your Android device from this deadly malware.

What is Blackrock malware all about?

Blackrock is a sophisticated piece of malware that has attacked as many as 377 Android applications thus far. A software security firm called ThreatFabric was the first to discover Blackrock. Blackrock's source code is derived from Xerxes, which is also a well-known malware family.

The Xerxes code was rewritten with more lethal features, and the sheer number of apps it can attack to steal information from is deeply disturbing. The most alarming part is that it can display overlays on top of legitimate applications and bypass antivirus programs and Android cleaners.

How Blackrock steals information from your device

This malware finds its way onto your device through an infected application on app stores. It asks for the permission it needs, and once that is granted, the malicious program goes ahead and gives itself more permissions and privileges.

Sometimes it also asks for an update and carries out the update from a fake third-party store. The additional authorization and updates are necessary to allow Blackrock to function without interacting with the user anymore.

After the updates and permissions are complete, it begins to receive instructions from its server and monitors the device to detect whenever one of its target apps is opened. Once it detects that a user has opened a legitimate app, it pops up an overlay that mimics the app.

Then, as the user types in their credentials, thinking it’s the real app, those details get sent to Blackrock's servers. Blackrock redirects the user back to the original application while the information is sent to the server.

Aside from carrying out overlay attacks, Blackrock also performs SMS harvesting, keylogging, notifications, screen locks, and AV detection. Blackrock hides its icon, which means it can stay undetected on your device.

Would an Antivirus help protect you against Blackrock?

For now, an antivirus cannot protect your device against Blackrock. That is because of its advanced detection and redirection algorithm. Blackrock would automatically redirect a user back to the home screen once it detects that you want to use an antivirus program.

It has been reported to have systematically thwarted a range of top antivirus programs, such as:

  • AVG
  • Symantec
  • Bitdefender
  • Kaspersky
  • McAfee
  • ESET
  • Trend Micro

Blackrock has also bypassed Android cleaners, aside from thwarting the use of an antivirus program. It redirects a user back to the home screen once you try to use Android cleaners such as SD Maid, Superb Cleaner, TotalCommander, and many more.

How to protect yourself from Blackrock Malware

As you might have guessed by now, Blackrock is a robust malware application that is very difficult to detect and protect against.

Fortunately, we have a few tricks up our sleeves on how to protect your device against Blackrock.

Blackrock is not yet on the Google Play Store; it carries out its attacks only through third-party stores. However, that doesn’t mean Blackrock will not eventually crawl into the Play Store, so be vigilant. Let’s take a look at the different ways to protect your device against Blackrock:

Review application permissions

Blackrock infiltrates your device through the permissions you grant. Therefore, you should regularly go through your app permissions.

Apps ask for permission before starting their operations on your device, so you should make a point of reviewing what those permissions are. Whether you are installing the app from the Google Play Store or a third-party store, always check its permissions thoroughly.

What is the application about, and what permissions is it seeking? We hear you ask. It is all common sense here.

A calculator application definitely has nothing to do with SMS or keystrokes. A notepad application has nothing to do with your contacts or with sending and receiving email. Be vigilant about the permissions you grant to apps. Deny a specific permission if you feel an app does not need it.

Download apps from Google Play Store only

As noted before, there is currently no Blackrock malware on the Google Play Store. It usually makes its way onto users’ devices through third-party stores.

Therefore you should always install apps from Google Play Store only. Avoid random application download locations because it’s the easiest way to get infiltrated.

Furthermore, you should head to your Settings and disable app installation from unknown sources. When you do this, Android warns you when your device tries to install an app from an unknown source, whether you initiated the installation or not.
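The two checks above (reviewing permissions and checking where an app came from) can be combined into one audit. The following is an added example, not part of the original article: it parses the output of `adb shell pm list packages -3 -i` and `adb shell dumpsys package <name>`, using constructed sample output and made-up package names, and it assumes the `granted=true` line format, which can vary between Android versions.

```python
import re

# Constructed sample of `adb shell pm list packages -3 -i` output.
PM_LIST = """\
package:com.example.notes  installer=com.android.vending
package:com.example.flashlight  installer=null
package:com.example.updater  installer=com.example.thirdpartystore
"""

# Constructed excerpts of `adb shell dumpsys package <name>` permission lines.
DUMPSYS = {
    "com.example.notes": "      android.permission.INTERNET: granted=true\n",
    "com.example.flashlight": (
        "      android.permission.READ_SMS: granted=true, flags=[ USER_SET ]\n"
        "      android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET ]\n"),
    "com.example.updater": (
        "      android.permission.RECEIVE_SMS: granted=false, flags=[ USER_SET ]\n"
        "      android.permission.CAMERA: granted=true, flags=[ USER_SET ]\n"),
}

TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play Store
RISKY = {  # permissions the article says most apps have no business holding
    "android.permission.READ_SMS": "reads SMS",
    "android.permission.RECEIVE_SMS": "receives incoming SMS",
    "android.permission.SEND_SMS": "sends SMS",
    "android.permission.READ_CONTACTS": "reads contacts",
}

def parse_installers(pm_output):
    """Map package name -> installer from `pm list packages -i` lines."""
    return dict(re.findall(r"^package:(\S+)\s+installer=(\S+)$", pm_output, re.M))

def granted_permissions(dumpsys_text):
    """Return permissions marked granted=true (requested-but-denied ones are skipped)."""
    return set(re.findall(r"^\s*([\w.]+): granted=true", dumpsys_text, re.M))

def audit(pm_output, dumpsys_by_pkg):
    """Flag apps not installed by a trusted store that hold risky permissions."""
    findings = {}
    for pkg, installer in parse_installers(pm_output).items():
        if installer in TRUSTED_INSTALLERS:
            continue
        granted = granted_permissions(dumpsys_by_pkg.get(pkg, ""))
        risky = sorted(p for p in granted if p in RISKY)
        if risky:
            findings[pkg] = {"installer": installer, "risky": risky}
    return findings

if __name__ == "__main__":
    for pkg, info in audit(PM_LIST, DUMPSYS).items():
        reasons = ", ".join(RISKY[p] for p in info["risky"])
        print(f"{pkg} (installer={info['installer']}): {reasons}")
```

An installer of `null` means the app was sideloaded rather than installed by a store; any flagged app is a candidate for having its permissions revoked or being uninstalled.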

Don’t install an app if you don’t know what it is

Treat your Android applications the way you treat your food.

Think twice before installing an app, especially when you do not thoroughly understand what it does. Not only third-party applications but also apps on the Play Store should be treated this way.

Sometimes you may get a link to install an app through other apps, such as email apps and social media apps. But we strongly advise you against blindly installing applications, even if a reputable company recommended them.

Final Notes

Blackrock is a sophisticated piece of malware with a scary record of targeting as many as 337 applications. These apps include banking and financial applications, email apps, social media apps, entertainment, healthcare apps, and a whole lot more.

It steals the user’s credentials and card information through its overlay technique. It detects when a user opens a legitimate app and pops up an overlay mimicking the app. The worst part is that you cannot detect it easily, as it hides its icon automatically after installation.

Blackrock is deadly, and antivirus has proved to be ineffective in protecting an Android device against Blackrock. However, you can avoid Blackrock by following some safety SOPs that we mentioned above. And of course, you should make fair use of your common sense, too.

Author: 9TP
