Information security experts from ThreatFabric have warned about a new virus named for the Android operating system called Hook. Once on a smartphone or tablet, the malware transfers user data and takes full control of the device. It is a fork of the entire Ermac malware family that made a splash two years ago.
Most of the code base of the new virus was borrowed from Ermac, including some commands in Russian. Hook has the ability to manage files on the device’s file system, as well as create a remote session that can interact with the system’s interface. At the same time, the new version of the malware contains quite a few modifications compared to its predecessor. It uses the same encryption mechanisms, and once installed and configured, it tries to contact the server using regular HTTP traffic. However, a distinguishing feature of the virus is the possibility of remote access to the computer desktop (VNC).
Hook interacts with various system interface elements necessary to perform a wide range of operations. For example, the program can access contacts, call history, correspondence, two-factor authentication codes, and so on. In addition, with the help of this virus, an attacker can imitate clicks, gestures, fill in text fields – in fact, completely control the smartphone.
Apparently, the main targets of the virus are fraudulent activities related to finances. These are banking operations and operations with cryptocurrency.
Source: Trash Box
Charles Grill is a tech-savvy writer with over 3 years of experience in the field. He writes on a variety of technology-related topics and has a strong focus on the latest advancements in the industry. He is connected with several online news websites and is currently contributing to a technology-focused platform.