Hook: An Android malware takes control of your phone

Gone are the days when we could think of our devices as purely personal assets. Hackers can now take control of your device in real time using VNC (virtual network computing) with a new Android malware named ‘Hook’. This new malware was created by ERMAC, which is an Android banking trojan. The malware is selling for $5,000/month, and those who buy it are able to take control of someone else's device.

The creator of Hook claims that this malware was written from scratch, but tech-savvy observers believe there are extensive code overlaps between Hook and ERMAC.

Whether or not it originated from ERMAC, Hook includes a new set of capabilities that makes it even more dangerous to Android users.

Hook has introduced WebSocket communication, which ERMAC did not incorporate, in addition to HTTP traffic. The network traffic is still encrypted using a hardcoded AES-256-CBC key. However, the eye-opening addition is the ‘VNC’ module, which gives hackers the capability to interact with the user interface of the compromised device in real time.

Describing this new malware, ThreatFabric warns:

“With this feature, Hook joins the ranks of malware families that are able to perform full DTO, and complete a full fraud chain, from PII exfiltration to transaction, with all the intermediate steps, without the need of additional channels. This kind of operation is much harder to detect by fraud scoring engines, and is the main selling point for Android bankers.”

Hook can perform the following actions:

  • Start/stop RAT
  • Perform a specific swipe gesture
  • Take a screenshot
  • Simulate click at specific text item
  • Simulate a key press (HOME/BACK/RECENTS/LOCK/POWERDIALOG)
  • Unlock the device
  • Scroll up/down
  • Simulate a long press event
  • Simulate click at a specific coordinate
  • Set clipboard value to a UI element with specific coordinates value
  • Simulate click on a UI element with a specific text value
  • Set a UI element value to a specific text

It is quite alarming to know the actions that can be taken on our devices. The only way to protect ourselves from such malware is to download apps only from the Google Play Store and not to download anything from unknown links sent by someone.
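The remote-control actions listed above (simulated clicks, gestures, setting text in UI elements) are ones Android exposes to accessibility services, and the advice to install only from Google Play can be checked on a device. The following is an added example, not code from the original article or from ThreatFabric: a Python triage script that parses the output of three standard adb commands and flags apps not installed via the Play Store, ranking highest those that also own an enabled accessibility service. That Hook relies on an accessibility service is an assumption here (the article does not say so), and all package names and sample output are constructed.

```python
import re

# All sample data below is constructed for illustration, not taken from a real device.
# Shape of `adb shell pm list packages -i` (package name plus installer).
SAMPLE_INSTALLERS = """\
package:com.android.chrome  installer=com.android.vending
package:com.example.bank  installer=com.android.vending
package:com.example.flashupdate  installer=null
package:com.example.filemanager  installer=com.android.packageinstaller
package:com.android.settings  installer=null
"""
# Shape of `adb shell pm list packages -s` (preinstalled system packages).
SAMPLE_SYSTEM = "package:com.android.settings\npackage:com.android.chrome\n"
# Shape of `adb shell settings get secure enabled_accessibility_services`.
SAMPLE_A11Y = "com.example.flashupdate/com.example.flashupdate.CoreService"

TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play Store

def parse_installers(text):
    """Map package name -> installer, or None when Android reports none."""
    rows = re.findall(r"^package:(\S+)[ \t]+installer=(\S+)[ \t]*$", text, re.M)
    return {pkg: (None if inst == "null" else inst) for pkg, inst in rows}

def parse_system(text):
    """Set of package names listed as system packages."""
    return {l.split(":", 1)[1].strip() for l in text.splitlines()
            if l.startswith("package:")}

def a11y_owners(setting):
    """Packages owning an enabled accessibility service (colon-separated list)."""
    setting = setting.strip()
    if setting in ("", "null"):
        return set()
    return {comp.split("/", 1)[0] for comp in setting.split(":") if comp}

def triage(installers_text, system_text, a11y_setting):
    """Return (severity, package, installer) for apps not installed via Play."""
    system, a11y = parse_system(system_text), a11y_owners(a11y_setting)
    findings = []
    for pkg, inst in sorted(parse_installers(installers_text).items()):
        if pkg in system or inst in TRUSTED_INSTALLERS:
            continue  # preinstalled, or installed through the Play Store
        # A sideloaded app that also holds an accessibility service can drive
        # the UI (clicks, gestures, text entry), so it is ranked highest.
        findings.append(("HIGH" if pkg in a11y else "REVIEW", pkg, inst))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_INSTALLERS, SAMPLE_SYSTEM, SAMPLE_A11Y):
        print(*finding)
```

A `REVIEW` result only means the app did not come through the Play Store; a `HIGH` result is the combination worth investigating first.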


Fizza Atique

Fizza Atique is a Tech writer specializing in the intersection of tech and culture. She likes photography, VR, electronic music, coffee, and baking.
