Android trojan posing as Clubhouse can steal data from 450 apps

Google News

Must Read

Coronavirus Vaccines: Not Rocket Science

<!-- -->AIIMS chief Dr Randeep Guleria spoke to NDTV on Friday night time (File)New Delhi: Predicting the worldwide clamour...

EC orders re-polling for three assembly seats in southern Assam...

Guwahati: The Election Commission (EC) has ordered re-polling in 4 polling stations in southern Assam, the place regular balloting...

Hangover 2 Movie download in Tamil TamilRockers, Hangover 2 Tamil...

Hangover 2 Movie Download in Tamil TamilRockers People have began to look Hangover 2 Movie Download in Tamil TamilRockers, to...

King Kong Vs Godzilla Movie download in Tamil Isaimini, King...

King Kong Vs Godzilla Movie Download in Tamil Isaimini People have began to look King Kong Vs Godzilla Movie Download...

West Bengal assembly election: Voting for fourth phase of polls...

Kolkata: Polling for the fourth phase of the tightly-contested West Bengal Assembly elections ended on Saturday night with a...
Advertisement




The Android trojan — nicknamed “BlackRock” by ThreatFabric and detected by Slovak web safety agency ESET — can steal victims’ login credentials for greater than 450 apps and bypass SMS-based two-factor authentication.

For starters, Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank are all on the checklist.

Advertisement



“Cybercriminals are trying to benefit from the recognition of Clubhouse to ship malware that goals to steal customers’ login info for quite a lot of on-line providers,” stated ESET malware researcher Lukas Stefanko.

The goal checklist consists of well-known monetary and purchasing apps, cryptocurrency exchanges, as properly as social media and messaging platforms.

Clubhouse was but to react to the report.

The app is presently accessible on Apple App Store and has been downloaded greater than 8 million occasions. Its Android model is ready to reach quickly as the corporate is engaged on it.

Advertisement



“To be frank, it’s a well-executed copy of the official Clubhouse web site. However, as soon as the consumer clicks on ‘Get it on Google Play’, the app might be robotically downloaded onto the consumer’s gadget. By distinction, official web sites would all the time redirect the consumer to Google Play, quite than immediately download an Android Package Kit, or APK for brief,” Stefanko defined.

Once the sufferer is hoodwinked into downloading and putting in “BlackRock”, the trojan tries to purloin their credentials utilizing an overlay assault.

In different phrases, each time the consumer launches one of many focused purposes, the malware will create a data-stealing overlay of the applying and request the consumer to log in. Instead of logging in, the consumer unwittingly fingers over their credentials to the cybercriminals.

The malicious app additionally asks the sufferer to allow accessibility providers, successfully permitting the criminals to take management of the gadget, the researcher famous.

Disclaimer: This story is auto-aggregated by a pc program and has not been created or edited by FreshersLIVE.Publisher : IANS-Media

- Advertisement -

Latest News

Indian Business Tycoon Yusuffali MA Gets Top Civilian Award In UAE

<!-- -->Indian-origin businessman Yusuffali MA was honoured by the crown prince on Friday.Dubai: Crown Prince of Abu Dhabi Sheikh...

More Articles Like This