BlackRock is a new Android malware developed from the leaked source code of another harmful Android malware, Xerxes. It is extremely powerful and has additional data-stealing capabilities. Its most dangerous feature is that it can steal user passwords and credit card details.
BlackRock is based on Xerxes, and its working procedure is similar to that of most banking trojans. But it can target more than 300 apps (around 337), which is more than its predecessors.
This malware was found in May 2020 by an analyst at ThreatFabric. According to ThreatFabric, BlackRock's target list includes social networking and communication applications that have not been observed in other banking Trojan target lists. This suggests that the actors behind BlackRock are trying to abuse the growth in online socializing that increased rapidly during the last months due to the pandemic situation.
There is no one-size-fits-all answer to this question, as the best way to protect your computer against malware depends on the specific threats and vulnerabilities that are present on your system. However, some general tips for protecting yourself against malware include using a reputable anti-virus program, keeping up to date with security patches, and using a firewall.
Features of BlackRock
BlackRock has many harmful features that are not found in other Android malware. Some of these features are listed below.
- Dynamic (Local injects obtained from C2)
- Keylogging
- SMS harvesting: SMS listing
- SMS harvesting: SMS forwarding
- Device info collection
- SMS: Sending
- Remote actions: Screen-locking
- Self-protection: Hiding the App icon
- Self-protection: Preventing removal
- Notifications collection
- Grant permissions
- AV detection
Microsoft has released a warning for a “wormable” critical Windows DNS server vulnerability. This vulnerability could allow remote attackers to execute arbitrary code or cause a denial of service (DoS) attack. Microsoft has released the advisory for this vulnerability in Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, and Windows 10. To exploit this vulnerability, an attacker would need to be able to access the DNS server and run a specially crafted application. Microsoft has not released any information about how to exploit this vulnerability.
How does BlackRock work?
BlackRock starts by hiding its app icon from the app drawer, and it asks the victim for Accessibility Service privileges before starting to grant itself additional permissions. Once those permissions are granted, BlackRock starts receiving commands from the C2 server. Some of the commands include:
- Send_SMS: It sends an SMS.
- Flood_SMS: It will send an SMS to a specific number every 5 seconds.
- Run_App: It will start a specific app on the bot.
- Unlock_Hide_Screen: It will unlock the device from the HOME screen.
Windows PC users are being targeted with ransomware that demands a ransom in order to free the user’s computer. The ransomware, which is called “WannaCry,” has already taken over thousands of computers in the United Kingdom and other countries. The ransomware encrypts files on the computer and demands a ransom in order to be released. If the ransom is not paid, the computer can be seized by authorities and used for criminal purposes.
This malware is currently being spread as fake Google update packages offered by third-party sites, much like other Trojans, but it hasn't yet been spotted on the Google Play Store. However, BlackRock, with its extremely powerful commands, can easily expand to the Google Play Store.