Hook Version 3: The Banking Trojan with the Most Advanced Capabilities

Zimperium’s zLabs research team has uncovered a new variant of the Hook Android banking trojan, now featuring some of the most advanced capabilities we’ve seen to date. This version introduces:

  • Ransomware-style overlays that display extortion messages
  • Fake NFC overlays to trick victims into sharing sensitive data
  • Lockscreen bypass via deceptive PIN and pattern prompts
  • Transparent overlays to silently capture user gestures
  • Stealthy screen-streaming sessions for real-time monitoring

In total, the malware now supports 107 remote commands — with 38 newly added in this update. There is growing evidence that the malware is being distributed on a large scale, not only through phishing websites but also via GitHub, where threat actors are actively leveraging the platform to host and spread malicious APK files.

To read the complete article see:

Full Article

This post is licensed under CC BY 4.0 by the author.