This is reported by the online magazine The Hacker News and refers to an analysis of the security specialists from Threat Fabric. They had discovered that the creators of the Android Trojan Ermac are now offering even more dangerous malware.
Malware-as-a-Service
It’s again about a banking Trojan and again “Malware as a Service” – the cybercriminals offer their Trojan as a service on the dark web. This new Android malware is called Hook and is said to be able to remotely control mobile devices such as smartphones and tablets in real time via VNC (Virtual Network Computing).
Infographic: These are the most successful subject lines in phishing
The new malware is advertised as an Android banking trojan. Selling for $5,000 per month, it helps threat actors steal credentials from over 467 banking and crypto applications via in-display login pages. According to ThreatFabric, Hook and Ermac share a common code base. So you can say that Hook is an evolution that has now become much more dangerous due to new tricks. What makes the Trojan a major threat to Android users is that the backers can deploy it in real-time through a “VNC” module. While the victim is using their cell phone, the hacker can sniff out all the data and interact with the compromised device’s user interface.
The new system makes it possible to perform any action on the device, from exfiltration of personal information to money transactions.
“With this capability, Hook joins the ranks of malware families capable of performing a full DTO (Device Take-Over) and completing a complete fraud chain from PII exfiltration to transaction with all intermediate steps without needing additional channels,” warns ThreatFabric. This type of operation is much harder to detect by scam detection programs.
See also:
