January 31, 2023

A new Android malware is upon us, and it’s called ‘Hook’. This malware can actually remotely control your smartphone, reports Bleeping Computer. This malware actually uses VNC (Virtual Network Computing) in order to take over devices in real-time.

‘Hook’ is a new Android malware that can take control of your phone

It seems like ‘Hook’ is promoted by the creator of Ermac. For those of you who don’t know, Ermac is an Android banking trojan. That trojan helps actors steal credentials from over 467 banking and crypto apps.

The creator of Ermac claims this new malware is written from scratch, but researchers from ThreatFabric doubt that. There are extensive code overlaps between the two malware families. In fact, considering it is consistent with most of Ermac’s code base, it’s essentially also a banking trojan.

The researchers see this malware as an evolution of Ermac, basically. In other words, it makes it more dangerous than Ermac, which is, of course, not good… at all.

The VNC module that we mentioned is the main addition here. It allows Hook to perform any action on the infected device, from PII exfiltration to monetary transactions.

Hook is targeting banking apps

Hook’s target banking applications impact users in the United States, Spain, Australia, Poland, Canada, Turkey, the UK, France, Italy, and Portugal, says the source.

This malware can impact anyone around the world, though, ThreatFabric did list all the apps Hook targets in this report, in case you’d like to check it out.

As we always say, if you don’t know exactly what you’re doing, you should install apps only via official sources. If you do install them from third-party sources, however, make sure the app you’re about to install is legit. Apps which end up being infected are usually easily recognizable (design, low download count, reviews…), but not always.

See also  Google turns your phone into an arcade with Shopper Hopper