Fake Google Update Steals Data From 337 Android Apps

From Google to Samsung, Android smartphones are some of the most popular handheld devices around the world.

But if you use an Android smartphone, you may want to be wary about any Google updates you’re prompted to make, Mirror reported.

Researchers from ThreatFabric have warned of a fake Google update called BlackRock, that can steal your personal data from 337 apps, including Netflix.

In a blog about the findings, the researchers explained: “One of the interesting differentiators of BlackRock is its target list; it contains an important number of social, networking, communication and dating applications.

“So far, many of those applications haven't been observed in target lists for other existing banking Trojans.

“It therefore seems that the actors behind BlackRock are trying to abuse the grow in online socialising that increased rapidly in the last months due to the pandemic situation.”

The malware, dubbed BlackRock, starts by hiding its icon from the app drawer, making it invisible to the user.

It then poses as a fake Google update, and requests access to your apps.

If you grant this request, the malware can access your personal data within those apps, including your messages.

The researchers explained: “Once the user grants the requested Accessibility Service privilege, BlackRock starts by granting itself additional permissions.

"Those additional permissions are required for the bot to fully function without having to interact any further with the victim.

“When done, the bot is functional and ready to receive commands from the C2 server and perform the overlay attacks.”

Based on the findings, make sure you check any updates requests are actually from Google.

To do this, open Settings > System > System Updates. Tap on Check for Updates to see if you have something new.

Speaking to Mirror Online, Jake Moore, Cyber security specialist at internet security company ESET, said: “This malware is particularly well made and can easily camouflage itself as a genuine app and do some damaging spy work in the background. It is vital you know what apps you are downloading by checking reviews and only using trusted app stores to avoid unknowingly downloading something more illicit.

"Once on your device this malware can copy every single keystroke you type so if this includes your passwords or security answers, they will be stolen instantly without your knowledge.

"One way to protect yourself from keyloggers is to use a password manager so when you need to place any sensitive information in the corresponding fields, you simply copy and paste them in from the manager resulting in the keylogger only logging that you used the clipboard copy and paste function rather than capturing your private credentials.”