I have never had any fear of malware. There were several reasons for this. Firstly, the likelihood that they will get on my smartphone, given that I do not download any junk from the Internet, is frankly small. Secondly, as a rule, they affect a rather limited range of applications. Well, and thirdly, I roughly understand how to deal with them. Only hackers are constantly improving their skills of creating malicious software, and many do not even know how to deal with them.
The number of malicious applications for Android is not decreasing. It's a pity
On Android, a new virus program BlackRock has appeared, which attacks a total of 337 applications. Its purpose is to steal credentials to access them. These are not only banking applications, which are usually victims of Trojans and phishing programs, but also clients of social networks, instant messengers and many other services. But if you can understand the desire of the attackers to steal the funds of their victims, in principle, then why they needed accounts Instagram, Twitter and other services is unknown.
How data is stolen on Android
BlackRock is no different from most phishing apps
As a rule, BlackRock infiltrates the devices of its victims under the guise of updates Android through unreliable web resources. That is, it is designed for not the most advanced users who are used to looking for installation files for updates on the Internet, without having a special idea of \ u200b \ u200bin what form they generally exist. Attackers take advantage of their naivety and do not even bother to embed malicious code in this update, distributing BlackRock in its pure form.
BlackRock collects data in a fairly standard way. Whenever a user launches a specific application, the Trojan understands this and slips him a fake authorization window. As a result, the victim sees that she is being asked to log in again, enters her username and password, not suspecting that in fact this data will be sent to attackers who will simply seize control over the account and be able to perform significant actions on her behalf. For example, write to users and ask for money on credit, as often happens today.
How to protect yourself from viruses on Android
Defending against malicious apps is easier than you think
But you need to understand that Black Rock is not an omnipotent application. That is, once on the user's device, it cannot begin to conduct subversive activities without special permissions. To do this, he needs to get the privilege of accessing the overlay mechanism, which allows legitimate applications to be blocked by phishing windows. It is them that BlackRock slips on to its victims, offering to pass imaginary authorization and, in fact, voluntarily lease their data to scammers.
Defending against this type of software is quite simple. First, it is necessary to abandon the idea of downloading updates and software from unofficial channels, waiting for all updates over the air. Secondly, you need not to give applications all permissions left and right, but still peer a little at what they ask for. Well, and thirdly, the overlap of a legitimate application on a phishing page is clearly visible in the multitasking menu. Therefore, if you suddenly saw that the banking application asks to re-authorize, start multitasking and see if there are any strange programs among those running.