Watch Now
Your email and personal information are confidential, and will not be sold or rented. For further information, read our Privacy Policy.
Copyright © 2020 Zimperium All Rights Reserved | Privacy Policy
Trusted by Industry Leaders
Your mobile app user first installs a utility app containing connections to the BlackRock malware server. These apps are often handy currency conversion, stock information, or trading apps. (The BlackRock malware is not present on the device yet, to evade detection from Google Play.)
With Zimperium, we finally have a tool to pinpoint mobile banking fraud attributable to compromised devices.
VP Mobile Security
Global Financial Services Company
We needed to rebuild and relaunch our apps quickly and efficiently. Zimperium provided a one-stop-shop approach to identifying security, privacy and compliance risks during app development and protecting/monitoring apps from attacks while in use.
SVP of Application Development
North American Bank
Days later, the malicious utility app updates itself to deliver the BlackRock malware files to your user's device.
What Our Clients Are Saying
Allows banks to assess users' device risk for every single mobile banking session in real-time.
CISO
Global Financial Services Provider
Zimperium easily integrates into your mobile application development lifecycle:
Once installed, the malware then launches and hides from the user so as not to cause concern.
Complete the form to watch the Zimperium research and security teams explain the malware, how it works, who is targeted, and actions you can take to detect and remediate this and other advanced threats to your mobile apps.
BlackRock malware specifically targets 337 mobile apps to steal credit card information and banking account credentials.
How BlackRock Steals Data
1.
2.
3.
The malware then cleverly achieves device access to the user's Accessibility Service by tricking your user into clicking on and agreeing to a fake Google update. This phony update allows the malware to gain more privileges on your user's device.
4.
5.
BlackRock then automatically grants itself additional permissions after receiving the requested Accessibility Service privilege and communicates with its command and control server.
6.
BlackRock then abuses the Accessibility Service (provided by your user) to display a malicious overlay screen that exactly mimics your app's login screen. Your users cannot detect this fake overlay screen on top of your app running in the foreground. Your user will unknowingly provide her banking login credentials or credit card information directly to the attackers. The malware also contains functions to capture incoming SMS messages to record second-factor authentication information.
Captured credit card numbers and account credentials can be used for fraud payments, transfers, or sold on the Black Market.
7.