Have you heard of the new Android mobile banking malware known as BlackRock? If so, do you know how to protect your device such as a smartphone or tablet from being infected by this trojan?
By way of answering these questions, let’s consider the following points.
What is malware?
Webopedia.com defines mobile malware as “malicious software… that is designed specifically to target a mobile device system, such as a tablet or smartphone to damage or disrupt the device.” Additionally, this malware is designed to achieve one or more of the following three aims:
- Disable a mobile device.
- Allow the malware developer remote access to the mobile device in question.
- Steal critical and personal information such as banking or credit card details and individual identification details.
What is the BlackRock Trojan?
The BlackRock trojan was discovered during May 2020. It aims to steal personal information and credit card information stored in other apps on an Android phone. It gains access to Android devices by camouflaging itself as a Google Update file to request Accessibility Service privileges and will hide its icon so that device users do not know it is there. Finally, once it has been granted the Accessibility Service rights, it will start granting itself additional privileges; thereby, giving itself the right to access credit card and banking details.
As an aside, it is interesting to be aware of the fact that the ThreatFabric analysts who discovered the malware noted that it is based on the open-source code for the LokiBot Android trojan.
And, although this trojan is classified as a banking app, it targets non-financial apps to extract banking details. It focuses on extracting this information from dating, social media, communication, and networking platforms.
When you open an app like Facebook, Instagram, or Tinder, the trojan overlays a fake version of the original app and records any credentials that you type into the app while believing that you are interacting with the original app.
The good news is that this trojan has not been able to infiltrate the Google Play Store. It only targets people who download and install third-party apps on their devices. Consequently, it is essential to keep your mobile device’s operating system and apps updated to prevent security breaches like this trojan.
Three ways you can improve your mobile device security
Finally, let’s look at three different methods that you can use to improve your mobile device security.
Install a VPN to encrypt your data
An Android VPN or Virtual Private Network is a virtual tunnel between your device and a third-party website that encrypts your data as it moves between the source and destination. In practice, the VPN connects your mobile device to the VPN’s server somewhere out in the cloud. It allows you to browse the Internet or transact with websites like your online banking and other secure websites through this server. Therefore, it is as though your online behavior has originated at the server’s network address and not your device’s address.
This prevents nefarious third-parties, or anyone for that matter, from snooping on your data and stealing important information like credit card details and personal identification details.
Install an antivirus
Modern smartphones and tablets are more like minicomputers than solely communication devices. They run on operating systems and allow the installation of third-party apps. Android devices also allow users the option of installing apps from sources outside of the Google Play Store. This option is the “open-door” for malware creators. Therefore, it is essential to install a quality antivirus and keep it updated with the latest virus signatures to prevent hackers from installing apps that will comprise your device’s data integrity.
Switch your device’s Bluetooth off
Bluetooth is a wireless technology standard that is used to connect two or more devices so that data can be transferred between these devices. It is a low-power communication option and is used to connect devices to peripherals like wireless speakers, sports watches, headsets, and input and output devices like barcode scanners, keyboards, and GPS receivers.
Bluetooth is an overlooked attack vector for mobile devices in that it allows remote connections to your device; thereby, allowing the transfer and installation of malware on your device. Therefore, it’s best to keep your phone or tablet’s Bluetooth switched off until it is needed to transfer data between your personal devices.
Final thoughts
The salient point of this discussion is that it is essential to protect your mobile data from being hacked through trojans like the BlackRock malware by installing a VPN and antivirus. It is equally important to ensure that the device’s operating system and all the installed apps are regularly updated to prevent hackers from exploiting system vulnerabilities.
Lastly, as described above, new malware is developed all the time. Consequently, antivirus vendors release new virus signatures every day. It is essential to update your device’s antivirus daily to ensure that your device is always protected.
