Beware of the Hook malware, a new and potentially devastating virus targeting the Android operating system. This malware, also known as a banking Trojan, has the ability to take full control of your mobile device in real-time and steal money from your bank account. Cybercriminals are reportedly selling the malware for a staggering $5,000 per month.

The malware, which has been promoted by a user named Ermac, is particularly dangerous due to its ability to hijack credentials from over 467 banking applications through the use of overlay login pages, a tactic that often goes unnoticed by unsuspecting users. This highlights the importance of being vigilant and taking precautions to protect your mobile device and financial information from cyber threats.

A very dangerous virus

Hook is a highly sophisticated Android malware that poses a significant threat to the community, according to research from Threat Fabric. This malware, which is an evolution of another malicious program known as Ernac, offers a wide range of capabilities that make it particularly dangerous.

One of the major developments that sets Hook apart from Ernac is its use of WebSocket communication, in addition to Ermac’s HTTP traffic. This allows the malware to have more control over the infected device. Additionally, the malware includes a “VNC” module that allows cybercriminals to interact with the phone screen in real-time, enabling them to carry out various actions on the device, such as extortion of personal information and monetary transactions.

According to Threat Fabric, the inclusion of this feature makes Hook one of the few malware families that are capable of full DTO (data exfiltration and transaction), allowing it to complete an entire fraud chain without the need for additional channels.

Android godfather steal money virus

The Hook virus, which targets the Android operating system, has a wide range of capabilities that can be executed on an infected device. These include:

  • Starting and stopping the RAT (remote access tool)
  • Performing specific swipe gestures
  • Taking screenshots
  • Simulating clicks on specific text elements
  • Simulating the pressing of keys
  • Unlocking the device
  • Scrolling up and down
  • Simulating long presses
  • Simulating clicks on specific coordinates
  • Setting the clipboard value to a UI element with a specific coordinate value
  • Simulating clicks on a UI element with a specific text value
  • Setting the value of a user interface element to a specific text.

You have to be very careful

The Android malware known as Hook is a highly advanced and dangerous threat, with capabilities that go beyond the basic list of commands previously mentioned. ThreatFabric researchers have discovered that the virus is also able to trigger a file manager command, allowing cybercriminals to obtain a list of all files on the device and download specific ones.

Another alarming feature of Hook is its ability to record all messages from WhatsApp and send messages through the affected user’s account, a serious problem for Android users. The malware is also equipped with a tracking system that can track the exact location of the device through the “Access precise location” permission. This highlights the importance of being vigilant and taking steps to protect your device and personal information from this advanced malware threat.

android virus impersonates brands