A new banking malware dubbed BlackRock has recently been detected by researchers at Threat Fabric.
The investigation into its origins has confirmed BlackRock to be derived from the famous Xerxes banking malware. Xerxes was, in turn, spawned from the LokiBot Android banking Trojan, initially detected about four years ago.
The Xerxes malware source code was made public by its author back in May 2019, making it possible for threat actors to get their hands on it. Despite the code’s availability, researchers have realized that the only Android banking Trojan based on Xerxes’ source code currently operational appears to be BlackRock.
This malicious new kid on the malware block steals credentials not only from the banking apps and also from other apps designed to facilitate shopping, communication, and business. In total, the team has found 337 Android apps that were impacted, including social networking, dating, and cryptocurrency apps.
To Read More: Infosecurity