A recent malware attack on Android smartphones allowed hackers to remotely control a user’s device and access all the data on it.
According to GizChina , new malware called Hook, created by the same hackers who created the Android banking virus BlackRock and ERMAC, has just been discovered allowing crooks a new way to remotely interact and access to files stored on the device. Reportedly, BlackRock stole the funds and passwords of all the banking apps on the hacked phones, while ERMAC targeted crypto wallets by stealing the victim’s contact information and banking IDs.
Hook provides all the functionality of its predecessors, however, its main ability is to gain control of the victim’s devices. In addition, cybersecurity company ThreatFabric (Netherlands) said that Hook also extended remote access capabilities, working with Octo and Hydra to take over the entire device and complete the entire fraud chain.
The File Manager command will convert the virus into a file manager, thereby allowing hackers to download specific files of their choice and get a list of all that is stored on the device. Another command for the popular instant messaging program WhatsApp allows Hook to keep all chats, even send messages using the victim’s account.
Unlike other malware, Hook is now available globally. In the US, Australia, Poland, Canada, Turkey, UK, Spain, France, Italy and Portugal, Hook is focusing on banking applications.
Currently, Hook is distributed as a Google Chrome APK under the package names “com.lojibiwawajinu.guna”, “com.damariwonomiwi.docebi”, “com.damariwonomiwi.docebi” and “com.yecomevusaso.pisifo”, but this may change at any time. To avoid getting infected with Android malware, users should only install apps from the Google Play Store or those provided by the business owner where they work.
