BlackRock is a new strain of banking malware that steals data from social networking, dating, and cryptocurrency apps. Its source code is derived from a leaked version of the TrojanTrojan, which was observed during 2016-2017. BlackRock does the data collection by abusing Android’s Accessibility Service privileges, for which it seeks users’ permissions under the guise of fake Google updates when it’s launched for the first time on the device, as shown in the shared screenshots. These credential-stealing overlays have been found on banking apps operating in Europe, Australia, the US, and Canada, as well as shopping and business apps.
Source: https://thehackernews.com/2020/07/android-password-hacker.html