What makes this malware the most dangerous is its ability to extract credentials and credit card information from over 300 apps such as email, e-commerce apps, social media apps, besides banking and financial apps, the Computer Emergency Response Team (CERT), India said in an advisory.

“It is reported that a new Android malware strain dubbed ‘BlackRock’ equipped with datastealing capabilities is attacking a wide range of Android applications.

“The malware is developed using the source code of Xerxes banking malware which itself is a variant of LokiBot Android Trojan,” the advisory said.

CERT is the national technology arm to combat cyber attacks and create a safe Indian cyber space.

The ‘attack campaign’ of this ‘Trojan’ category virus is active globally, said CERT –In.

The predominant feature of this malware is that its target list contains 337 applications including banking and financial applications, and also non-financial and well-known commonly used brand name apps on an Android device that focus on social, communication, networking and dating platforms.

What makes it even more dangerous is its capability to “deflect” majority of anti-virus applications.

Counter-measures

The federal cyber security agency suggested some counter-measures:

1. Do not download and install applications from suspicious sources and use reputed application market only;
2. Always review the app details, number of downloads, user reviews and check ‘additional information’ section before downloading an app from play store.
3. Use device encryption or encrypt external SD card
4. Avoid using unsecured, unknown Wi-Fi networks among others.
5. When it comes to downloading banking apps one should use the official and verified version and
6. Users should make sure they have a strong AI-powered mobile antivirus installed to detect and block this kind of tricky malware.

The post Think before you click appeared first on The Gulf Indians.