Android Users Beware: New Hook Malware with RAT Capabilities Emerges
![Android Users Beware: New Hook Malware with RAT Capabilities Emerges](/static/build/img/news/android-users-beware-new-hook-malware-with-rat-capabilities-emerges-medium.jpg)
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent, called Hook, that introduces new capabilities to access files stored on infected devices and create a remote interactive session.
ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that's advertised for sale for $7,000 per month while featuring "All the capabilities of its predecessor."
"The lack of some sort of RAT capabilities is a major issue for a modern Android Banker, as it does not provide the possibility to perform Device Take Over, which is the fraud methodology that is most likely to be successful and not detected by fraud scoring engines or fraud analysts. This is most likely what triggered the development of this new malware variant."
Like other Android malware of its ilk, the malware abuses Android's accessibility services APIs to conduct overlay attacks and harvest all kinds of sensitive information such as contacts, call logs, keystrokes, two-factor authentication tokens, and even WhatsApp messages.
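A defender-side check for the accessibility abuse described above, as an added example that is not from the ThreatFabric report or the original article: it parses the output of `adb shell settings get secure enabled_accessibility_services` and lists every enabled service whose package is not on an allowlist. The allowlist contents, the `com.example.*` package names and the sample string are constructed for illustration.

```python
from typing import NamedTuple

# Assumption: packages your organisation expects to hold accessibility access.
ALLOWED_PACKAGES = {
    "com.google.android.marvin.talkback",  # TalkBack screen reader
    "com.example.corp.screenreader",       # hypothetical in-house tool
}

# Constructed sample of the setting's value: colon-separated "package/class".
SAMPLE = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService"
    ":com.example.updater/.SyncService"
)


class Service(NamedTuple):
    package: str
    cls: str


def parse_enabled_services(raw):
    """Split the secure setting into Service(package, class) tuples."""
    raw = raw.strip()
    if not raw or raw == "null":  # setting unset: no service enabled
        return []
    services = []
    for entry in filter(None, (e.strip() for e in raw.split(":"))):
        package, sep, cls = entry.partition("/")
        if not sep:
            services.append(Service(entry, ""))  # malformed, keep visible
            continue
        if cls.startswith("."):  # short form is relative to the package
            cls = package + cls
        services.append(Service(package, cls))
    return services


def unexpected_services(raw, allowed=ALLOWED_PACKAGES):
    """Return enabled accessibility services outside the allowlist."""
    return [s for s in parse_enabled_services(raw) if s.package not in allowed]


if __name__ == "__main__":
    for svc in unexpected_services(SAMPLE):
        print(f"review: {svc.package} ({svc.cls}) has accessibility access")
```

A flagged entry is a prompt for review, not a verdict: legitimate password managers and assistive apps also request this permission.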
Among the other major features to be added to Hook is the ability to remotely view and interact with the screen of the infected device, obtain files, extract seed phrases from crypto wallets, and track the phone's location, blurring the line between spyware and banking malware.
"The main drawback of creating a new malware is usually gaining enough trust by other actors, but with the status of DukeEugene among criminals, it is very likely that this will not be an issue for Hook," Durando said.
News URL
https://thehackernews.com/2023/01/android-users-beware-new-hook-malware.html