“Unmasking Hook: The Android Banking Trojan Born from ERMAC’s Legacy”

“Unmasking Hook: The Android Banking Trojan Born from ERMAC’s Legacy”

New Analysis Reveals Android Banking Trojan ‘Hook’ Based On ‘ERMAC’

  • The Android banking Trojan called ‘Hook’ is discovered to be based on its precursor, ‘ERMAC’.
  • This revelation is a result of an analysis conducted by NCC Group’s Security Researchers.
  • All commands (totalling 30) that could be sent to an ERMAC-infected device can also control a device infected by Hook

Hook – A Ghost Of ERMAC Past

Security techies, don’t lose your ‘hooks’ just yet, but it appears that our Android banks are at risk. In a ‘How The Grinch Stole Christmas’ themed plot twist, researchers have discovered that the notorious Android banking trojan called ‘Hook’ is, in actuality, a derivative of our least favorite Christmas ghost – ‘ERMAC’. The connection between ERMAC and Hook is not just congenital, but more genetic, as the latter’s code is closely related to the former’s, almost like ERMAC passed on its mal-intended DNA!

A Complex Family Tree For Simple Mayhem

Unveiling the mysterious heritage of this malicious code, security researchers Joshua Kamp and Alberto Segura from NCC Group transparently laid out the complex lineage of the Hook malware. They concluded that ‘all 30 commands that a malware operator sends to an ERMAC-infected device can similarly control a Hooked device’. Now, this makes Hook an equally skilled puppeteer as ERMAC, but we’re not quite ‘hooked’ on that!


A recent study by NCC Group security researchers Joshua Kamp and Alberto Segura unveiled the grim reality of what we’ve been fearing: Hook, an Android Banking Trojan, has been proven to carry the grim legacy of its ancestor malware ERMAC. Apart from inheriting its not-so-enviable skillset, the Hook malware can also control the same set of commands as ERMAC does, like a ‘chip off the old block’. So, next time you’re dealing with Hook, remember – it’s an ‘apple’ that fell not so far from the ERMAC ‘tree’, only it’s got more worms!

Now that we’re familiar with the family tree lineage of these malwares, we can metaphorically call ourselves malware genealogists, and that’s a title to hang your ‘Hooks’ on!

Original Article: https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html

Leave a Reply

Your email address will not be published. Required fields are marked *


Your Cart Is Empty

No products in the cart.