New Android malware detected: Can remotely control your phone

A new Android malware has been detected by researchers which can remotely control the victim’s phone.

Highlights

  • New Android malware ‘Hook’ is being sold on the dark web
  • Hook can remotely control the victim’s phone
  • Hook can also access the location of the phone if granted enough permissions

Researchers from security firm ThreatFabric have warned users of a new Android malware that can remotely control their phones. Hackers can use the malware to steal data, exfiltrate personally identifiable information (PII), make financial transactions and more. The new Android malware is being called ‘Hook’.

Researchers at security firm ThreatFabric discovered that the Hook malware could be bought on the dark web. The team behind the discovery says that Hook is essentially a banking trojan. Based on its code, it seems to be quite similar to Ermac, another popular trojan.

However, there are a few standout features, including the use of VNC (virtual network computing) to take over the mobile device. Hook also comes with WebSocket communication features and encrypts its traffic using AES-256-CBC with a hardcoded key.

“The malware is advertised as “written from scratch”. This is debatable, as the majority of the code base remains the one from Ermac, including some commands in Russian expressing an unnecessary angst towards the world, which in our opinion would have not made the cut if a proper revision of the code had taken place”, said the ThreatFabric report.

Hook can perform specific swipe gestures, take screenshots, simulate key presses, scroll, and simulate a long-press event. The malware can also act as a file manager, which allows its operators to list all of the files residing on the endpoint and exfiltrate the ones they deem worthy.

“This kind of operation is much harder to detect by fraud scoring engines, and is the main selling point for Android bankers,” said the team. However, to reach its full potential, the malware needs Accessibility Service permissions in Android. If granted, one can also expect their location to be revealed, as Hook is also able to abuse the “Access Fine Location” permission.
