The Cyber Security News

Android Users Beware: New Hook Malware with RAT Capabilities Emerges

January 19, 2023


The threat actor behind the BlackRock and ERMAC Android banking trojans has released yet another malware for hire, called Hook, that introduces new capabilities to access information stored on the devices and create a remote interactive session.

ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that is advertised for sale for $7,000 per month while featuring “all the capabilities of its predecessor.”


“In addition, it also adds to its arsenal Remote Access Tooling (RAT) capabilities, joining the ranks of families such as Octo and Hydra, which are capable of performing a full Device Take-Over (DTO), and complete a full fraud chain, from PII exfiltration to transaction, with all the intermediate steps, without the need of additional channels,” the Dutch cybersecurity company said.

A majority of the financial apps targeted by the malware are located in the U.S., Spain, Australia, Poland, Canada, Turkey, the U.K., France, Italy, and Portugal.

Hook is the handiwork of a threat actor known as DukeEugene and represents the latest evolution of ERMAC, which was first disclosed in September 2021 and is based on another trojan named Cerberus that had its source code leaked in 2020.

“Ermac has always been behind Hydra and Octo in terms of capabilities and features,” ThreatFabric researcher Dario Durando told The Hacker News via email. “This is also known among threat actors, who prefer these two families over Ermac.”


“The lack of some sort of RAT capabilities is a major issue for a modern Android Banker, as it does not provide the possibility to perform Device Take-Over (DTO), which is the fraud methodology that is most likely to be successful and not detected by fraud scoring engines or fraud analysts. This is most likely what triggered the development of this new malware variant.”

Like other Android malware of its ilk, the malware abuses Android’s accessibility services APIs to conduct overlay attacks and harvest all kinds of sensitive information such as contacts, call logs, keystrokes, two-factor authentication (2FA) tokens, and even WhatsApp messages.

It also sports an expanded list of targeted apps to include ABN AMRO and Barclays, while the malicious samples themselves masquerade as the Google Chrome web browser to dupe unsuspecting users into downloading the malware:

  • com.lojibiwawajinu.guna
  • com.damariwonomiwi.docebi
  • com.yecomevusaso.pisifo
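For defenders triaging a handset, the two signals described above (the listed package names and an enabled accessibility service) can be checked from the output of `adb shell pm list packages` and `adb shell settings get secure enabled_accessibility_services`. The following is an added example, not part of the ThreatFabric report; the sample output, the allowlist and the service class names are constructed for illustration.

```python
# Added triage example. Package names come from the article; all sample
# device output and the allowlist below are constructed.
HOOK_PACKAGES = {
    "com.lojibiwawajinu.guna",
    "com.damariwonomiwi.docebi",
    "com.yecomevusaso.pisifo",
}
A11Y_ALLOWLIST = {"com.google.android.marvin.talkback"}  # assumed fleet policy

SAMPLE_PM = """package:com.android.chrome
package:com.google.android.marvin.talkback
package:com.yecomevusaso.pisifo
package:com.example.notes
"""
SAMPLE_A11Y = (
    "com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService:"
    "com.yecomevusaso.pisifo/com.yecomevusaso.pisifo.Svc:"
    "com.example.notes/com.example.notes.Helper"
)

def parse_packages(pm_output):
    """Parse `pm list packages` lines of the form 'package:<name>'."""
    return {line.split(":", 1)[1].strip()
            for line in pm_output.splitlines() if line.startswith("package:")}

def parse_accessibility(setting_value):
    """Parse the colon-separated 'package/ServiceClass' setting value."""
    value = setting_value.strip()
    if not value or value == "null":  # setting unset: nothing enabled
        return {}
    services = {}
    for component in value.split(":"):
        pkg, _, cls = component.partition("/")
        services.setdefault(pkg, []).append(cls)
    return services

def triage(pm_output, a11y_value, allowlist):
    """Return (severity, package, reason) tuples, worst first."""
    installed = parse_packages(pm_output)
    a11y = parse_accessibility(a11y_value)
    findings = []
    for pkg in sorted(installed & HOOK_PACKAGES):
        severity = "critical" if pkg in a11y else "high"
        findings.append((severity, pkg, "package name listed for Hook samples"))
    for pkg in sorted(set(a11y) - HOOK_PACKAGES - set(allowlist)):
        findings.append(("review", pkg, "accessibility service not on allowlist"))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_PM, SAMPLE_A11Y, A11Y_ALLOWLIST):
        print(*finding, sep=" | ")
```

Package names are easy for an operator to rotate, so the allowlist check on accessibility services is the more durable of the two signals.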

Among the other major features added to Hook is the ability to remotely view and interact with the screen of the infected device, obtain files, extract seed phrases from crypto wallets, and track the phone’s location, blurring the line between spyware and banking malware.

ThreatFabric said the Hook artifacts observed so far are in a testing phase, but noted it could be delivered via phishing campaigns, Telegram channels, or in the form of Google Play Store dropper apps.

“The main drawback of creating a new malware is usually gaining enough trust by other actors, but with the status of DukeEugene among criminals, it is very likely that this will not be an issue for Hook,” Durando said.



Some parts of this article are sourced from:
thehackernews.com
