A new Android malware strain called BlackRock has been discovered by researchers at ThreatFabric. BlackRock comes equipped with a range of sophisticated data theft capabilities that allow it to target over 300 Android applications. The malware was discovered in May and operates similarly to most other Android banking trojans. The malware is based on the leaked source code of the malware strain Xerxes, however, contains additional features in areas like theft of user passwords.
BlackRock will steal login credentials when available, however, the malware also asks the victim to enter sensitive details such as payment card details if the targeted app supports financial transactions. According to ThreatFabric, the data collection process consists of detecting when a user attempts to interact with an app that BlackRock takes advantage of, overlaying a fake window on top of the legitimate app interface to collect login details.
Read More: New BlackRock Android malware can steal passwords and card data from 337 apps