Android Users Beware: New Hook Malware With RAT Capabilities Emerges

Another day, another piece of malware released into the world. This time, Android phones are the target. Everyone knows that Google builds this operating system. However, that doesn’t make it immune to malware.

Hook is the newest evolution of ERMAC, and it has the potential to take over an entire device through Remote Access Tooling capabilities. Now, most people would think that hacking software would be incredibly expensive and be used only for specific purposes. However, cybercriminals have advertised it for $7000 per month.

What does it do?

As more and more people become aware of cybersecurity threats, hackers are thinking of newer and more sophisticated ways to breach systems and wreak havoc on the world. Hydra was one of the most popular Android banking malware families, but Hook could overtake it.

The reason why these malware families are so dangerous is that they have the capability to perform a Device Take Over. This allows them to remotely interact with the screen, view everything, export logs and keystrokes, and even bypass two-factor authentication. If you have an Android phone and you think you’re safe, you’re probably not.

Most of the damage happens through Google Chrome, where people download a malicious sample that has the potential to gain control over the device.

Hook is now considered to be one of the most dangerous malware families because it can track locations and extract seed phrases from crypto wallets. Fortunately, it was discovered in its infancy, and cybersecurity professionals consider it to be in a testing phase. However, no one knows where or how it’s being distributed. Currently, the best guesses are Google Play Store applications and Telegram channels.

Are there any other security risks?

Generally, Android phones have more security issues compared to iOS devices. Most Android users decide to root their phones as soon as they get them to install specific applications. That bypasses the most important layer of protection and allows malicious code to be installed without question. If you’ve got a business and most of your employees are using Android company phones, bear in mind that you could have higher chances of getting attacked by a hacker.

Next on the list is malware hidden in the Google Play Store. Anyone can create an app and list it on the Play Store. The rules aren’t strict, and most apps don’t go through a review before being listed. Hackers can create anything from a kid’s game all the way to an antivirus simulation to get you to install what they want. On top of that, they can exploit code vulnerabilities in existing apps to compromise all affected devices.

What can you do?

The number one thing you can do to protect your smartphone is to install a VPN for phones. It masks your IP address and makes you invisible when you’re connecting to a public network. No one can attack an invisible target, not even hackers.

Protecting yourself from prying eyes reduces the chances of being attacked. Not only that, but modern VPN services check websites before opening them and scan executable files before downloading them. Even if you fall for a phishing attack, you’ll still have a safety net that protects you from harm.

Next come updates. Most people roll their eyes whenever they see a new update because they need to waste a couple of minutes and wait for their phone to reboot. Don’t be that person. Updates mainly serve to increase protection and not to mess around with the UI of the phone (even though that happens sometimes). Still, it’s better to wait for a while and do nothing while your phone’s security improves than to lose access to it because of malware.

Finally, try not to fall for phishing scams. That’s easier said than done. Hackers realized that the weakest link in the cybersecurity chain is people. For that reason, they’re creating fake accounts, websites, and stories to lure you in and get access to your device.

Over the past couple of years, there have been multiple cases where millions of dollars have been stolen through false job adverts. The easiest way to protect yourself is to not click on any suspicious links and not to trust anyone who sends you an email out of nowhere.



About Joel Levy
Editor-In-Chief at Toronto Guardian. Photographer and Writer for Toronto Guardian and Joel Levy Photography