There is a new virus roaming the Android operating system and it is extremely dangerous . This is because it can take full control of your phone in real time and even steal money from your bank account, so it’s important to exercise caution if you don’t want to suffer the consequences.
The malware has been dubbed “Hook” by cybercriminals trying to sell it. This malware has been promoted by user Ermac, who reports that this malware is an Android banking Trojan that sells for $5,000/month . To give you an idea of how damaging it can be, the virus has hijacked credentials from more than 467 banking applications via overlay login pages. A very cunning methodology that goes unnoticed by the vast majority of users.
A very dangerous virus
From ThreatFabric they point out that Hook is a very dangerous Android malware, since it offers a wide range of capabilities, making it a real threat to the community. The virus is based on another malicious program known as Ernac, although the researchers point out that it is an evolution that goes even further. One of the novelties that it keeps is the introduction of WebSocket communication, which joins Ermac’s HTTP traffic. Another important addition is that the “VNC” module that it displays to cybercriminals allows them to interact with the phone screen in real time.
This means that Hook operators can carry out any action on the phone, both extortion of personal information and monetary transactions.
“With this feature, Hook joins the ranks of malware families that are capable of performing full DTO, and completing an entire fraud chain, from PII exfiltration to transaction, with all steps in between, without the need to additional channels,” they say from ThreatFabric.
The commands that can be executed by the Hook virus on Android are the following:
- Start/stop RAT.
- Perform a specific swipe gesture.
- Take a screenshot.
- Simulate a click on a specific text element.
- Simulate the press of a key.
- Unlock the device.
- Scroll up/down.
- Simulate a long press.
- Simulate clicking on a specific coordinate.
- Set the clipboard value to a UI element with a specific coordinate value.
- Simulate clicking on a UI element with a specific text value.
- Set the value of a UI element to a specific text.
You have to be very careful
As you can see, the Android malware known as Hook can do just about anything , but the above is just the foundation of this malicious program. Mainly, because, in addition to the above list, the virus can trigger a file manager command , allowing cybercriminals to get a list of all files on the phone and download specific ones.
Another command that ThreatFabric colleagues have detected has to do with WhatsApp. Hook can record all messages from the messaging app , as well as send messages through the affected user’s own account. A serious problem for Android. This along with a tracking system that tracks the exact position through the “Access precise location” permission.