BlackRock Android malware poses as fake Google updates to steal your data

By Digit NewsDesk | Published on 20 Jul 2020

BlackRock Android malware has been spotted online

It can steal personal user data from over 337 apps

BlackRock was discovered in May 2020


BlackRock Android malware has been spotted online and can reportedly steal personal user data from over 337 popular Android apps such as Gmail, Netflix, Amazon, Instagram and more. BlackRock is a new type of banking malware that steals personal information but is different from other such malware as it targets social networking, shopping and dating apps as well as essential apps such as Gmail and Outlook.

BlackRock was discovered in May 2020 by ThreatFabric analysts, who found that the new malware is based on the Xerxes banking malware, itself part of the LokiBot family of banking trojans. In its report, ThreatFabric states that the source code of Xerxes was made public in May 2019, so the malware was essentially accessible to anyone who could tweak its features and release it. BlackRock has undergone changes and has an expanded target list that includes many popular non-financial apps. Usually, banking malware targets only financial apps.

How does BlackRock Android malware work?

BlackRock banking malware disguises itself as fake Google Update notifications that pop up on the user's phone. The malware makes its icon disappear from the app drawer and asks for Accessibility permissions. Once the user grants the privileges, Google Update pop-up messages start to appear, with the bot granting itself the rest of the administrator permissions it needs to fully function.

After this, the malware can conduct overlay attacks and can steal sensitive information such as login credentials, banking details and more. There are as many as 337 apps that this malware targets and this is something that hasn’t been observed before with banking malware. It cannot be detected by any mobile anti-virus as it doesn't let the user open any security apps such as Avast, AVG, BitDefender, Eset, Symantec, TrendMicro, Kaspersky, McAfee, Avira and other such apps.

BlackRock targets Yahoo Mail, Microsoft Outlook, Gmail, Hotmail, Uber, Netflix, eBay, Amazon, Telegram, WhatsApp, Twitter, Snapchat, Skype, Instagram, Facebook Messenger, YouTube, Reddit, Pinterest, Google Pay, Tinder, banking and payments apps and more.

The BlackRock Android malware is being distributed by third-party websites and hasn't been spotted on the Play Store yet. So, as a precaution, it's recommended not to visit untrusted websites.
