Security techies, don’t lose your ‘hooks’ just yet, but it appears that our Android banks are at risk. In a ‘How The Grinch Stole Christmas’ themed plot twist, researchers have discovered that the notorious Android banking trojan called ‘Hook’ is, in actuality, a derivative of our least favorite Christmas ghost – ‘ERMAC’. The connection between ERMAC and Hook is not just congenital, but more genetic, as the latter’s code is closely related to the former’s, almost like ERMAC passed on its mal-intended DNA!
Unveiling the mysterious heritage of this malicious code, security researchers Joshua Kamp and Alberto Segura from NCC Group transparently laid out the complex lineage of the Hook malware. They concluded that ‘all 30 commands that a malware operator sends to an ERMAC-infected device can similarly control a Hooked device’. Now, this makes Hook an equally skilled puppeteer as ERMAC, but we’re not quite ‘hooked’ on that!
A recent study by NCC Group security researchers Joshua Kamp and Alberto Segura unveiled the grim reality of what we’ve been fearing: Hook, an Android Banking Trojan, has been proven to carry the grim legacy of its ancestor malware ERMAC. Apart from inheriting its not-so-enviable skillset, the Hook malware can also control the same set of commands as ERMAC does, like a ‘chip off the old block’. So, next time you’re dealing with Hook, remember – it’s an ‘apple’ that fell not so far from the ERMAC ‘tree’, only it’s got more worms!
Now that we’re familiar with the family tree lineage of these malwares, we can metaphorically call ourselves malware genealogists, and that’s a title to hang your ‘Hooks’ on!
Original Article: https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html
No products in the cart.