A new malware called Hook is circulating on the Internet and selling for $7,000 and it is claimed that it could take full control of an Android smartphone.
Android users beware because the threat actor behind the Android banking Trojans BlackRock and Ermac has unleashed another malware it is currently selling, called Hook, and it boasts the power to take full control of your smartphone .
Hook’s target banking apps are affecting users in the United States, Spain, Australia, Poland, Canada, Turkey, the United Kingdom, France, Italy, and Portugal.
The Hacker News characterized Hook as a novel advance of Ermac (another malware that was revealed in September 2021), which is advertised for sale for $7,000 per month and presents “all the capabilities of its predecessor”. And it is that this novelty offers a wide set of capabilities that make it a more dangerous threat for Android users.
Among them stands out the possibility of interacting with the user interface of the compromised Android smartphone in real-time. It can perfectly take a screenshot, simulate clicks, scroll through the interface, and start and stop the remote control whenever it pleases.
Apart from the above, one command can turn the malware into a file manager, allowing cybercriminals to get a list of all the files stored on the device and download them if they want.
Another troubling command that ThreatFabric found relates to the WhatsApp app, warning that Hook can log all messages and even allows cybercriminals to send messages through the victim’s account. Lastly, a new geolocation tracking system allows Hook operators to track the exact position of the victim.
The hook is currently distributed as a Google Chrome APK under the package names “com.lojibiwawajinu.guna”, “com.damariwonomiwi.docebi”, “com.damariwonomiwi.docebi”, “com.yecomevusaso.pisifo”.
Prevent a hacker from taking control of your device with these tips
With all this on the table, to avoid getting infected with this new Android malware, be careful what links you click on. Try not to install apps from suspicious websites that are not available on the Play Store. Use trusted sources and check reviews before installing any app.
Of course, be very careful with your passwords. As we always warn, nowadays, everything is so synchronized, and all accounts are linked together, that just having access to one password can make it easy to hack all your other accounts and your entire phone.
Above all, they claim that the Hook malware has a difficult time operating on devices running Android 11 or later, so you should update if you have the possibility.