A new Android malware known as the “BlackRock Trojan” falls into the category of banking Trojans. Researchers analyzed the collected samples, and an in-depth examination revealed the threat was a very complex malware that was unknown until then. Companies with BYOD policies in Dallas need the right IT support to safeguard against this threat.

What is BlackRock Trojan?

BlackRock has parts of code excerpt that combine the components of the Xerxes banking Trojan with LokiBot. According to the Xerxes development tracker, its code was made available in the past year, which means hackers and malware developers might recreate it.

Xerxes is derived from LokiBot, one of the most dangerous malware samples in the Android ecosystem. The BlackRock Android Trojan appears to be only a full derivative of the LokiBot.

Despite fewer hackers using LokiBot to attack mobile devices, this type of abuse occurs regularly by various hacker groups. The threat is accurate, and Dallas companies should shore up their IT support.

This Android Trojan infects popular apps with the necessary virus code by infecting them with its code. It harms:

• Messenger applications
• Social media apps
• Communication programs
• Dating services

Common distribution techniques include virus-infected applications. Apps can be uploaded to official repositories using fake or stolen developer credentials. In addition to large descriptions and user comments, hackers can upload macros here promising new features.

Are there any Android malware features that BlackRock Trojan Horse has?

BlackRock Android Trojan causes malicious actions to begin as soon as it runs on the device. In addition to the process being hidden, the app drawer will not contain the dangerous payload carrier. Second, the user is prompted for permissions to grant Accessibility Service Processes. Many users tend to ignore them as they appear to be legitimate system messages.

When additional privileges are granted, they enhance the Trojan’s access, thereby enabling its full functionality. With BlackRock Android Trojan, criminals can execute complex commands via a local client and hacker-controlled server. These malign commands are supported at this time:

• Send SMS
• Flood SMS
• Download SMS
• Spam on contacts
• Change SMS Manager
• Run App
• StartKeyLogs
• StopKeyLogs
• StartPush
• Stop pushing
• Hide Screen Lock
• Unlock Hide Screen
• Administrator
• Profile
• Start clean Push
• Stop clean Push

The BlackRock Android Trojan hijacks user data and logs into system processes. Everything can be transmitted in real-time by establishing a live connection to the hacker server. It is particularly hazardous to deploy keyloggers since they can record all user interactions.

In general, smartphone antivirus apps are not a bad idea. However, they do not prevent BlackRock malware. Infiltrating your phone with BlackRock includes the ability to prevent your phone from running an antivirus program.

Don’t assume that an antivirus app will protect you from all threats. Whatever the legitimateness of an app may seem, you should be aware of its permissions.

To learn more about this and other types of android threats and the right measures to take, get in touch with Technagy. We are a leading managed IT support company in Dallas.