Cybersecurity experts have warned about a new type of Android malware called Hook that is capable of taking over a targeted endpoint and using it to steal data and leak personally identifiable information (PII) and conduct financial transactions. The malware has been spotted in countries around the world world, it is important to stay vigilant and take steps to protect your device from malicious attacks. In this blog post, we will discuss the functionality of Hooks and how to keep devices secure.
The Hook malware: How to avoid being a victim
Cybersecurity experts have warned about a new type of Android malware called Hook that is capable of taking over a targeted endpoint and using it to steal data and leak personally identifiable information (PII) and conduct financial transactions. Discovered by researchers at security firm ThreatFabric Hook is a banking Trojan that can be purchased on the dark web.
According to the ThreatFabric team, Hook is similar to Ermac, another popular Trojan, and shares many features with it. However, Hooks have some prominent properties that make them especially dangerous. One of these features is to take over mobile devices using VNC (Virtual Network Computing) equipment. Hook also features WebSocket communication and encrypts its traffic with an AES-256-CBC hardcoded key.
Other notable features of the Hook include the ability to perform specific swipe gestures, take screenshots to simulate key scrolling, and simulate long-press events. The malware can also be used as a file manager application, allowing hackers to list all files on the endpoint and reveal They think it’s worth it. This kind of manipulation is harder to detect by fraud scoring engines and is the main selling point of Android Banker, which the ThreatFabric team warns about.
The good news is that users need to grant accessibility service permissions for the malware to reach its full potential. Those who do this can also expect their location to be leaked, as Hooks can also abuse the “Access Precise Location” permission.
Hooks have been targeted all over the world, with researchers finding infected devices in countries including the US, UK, Spain, Poland, Portugal, Italy, France, Canada, Australia, and Turkey. It is important to note that to protect your device from malware, avoid installing source and be wary of clicking suspicious links. It’s also good practice to keep your device updated with the latest security patches to stay protected.