A new malware dubbed BlackRock targets hundreds of Android applications to steal data. Researchers have found out how it steals users’ sensitive details, apart from login credentials, such as credit card data.
First, the malware hides its icon to stay invisible. Then, it poses as other services, such as fake Google update, and asks the user permission to access the Accessibility Service. Once received, the malware then automatically gains other permissions to access other apps. It can now perform any action on the device without user interaction.