A recent virus attack on Android smartphones makes it possible for hackers to remotely control your device and access all of your data. Hook, a new malware created by the same hackers who made the Android banking viruses BlackRock and ERMAC, opens up new avenues for remote interaction and access to files saved on devices.
Recall that BlackRock made it possible to steal your money and the passwords to all of your banking applications, whereas ERMAC can target cryptocurrency wallets by stealing the victims’ contact information and bank IDs. Because fraudulent apps from the Google Play Store were used to spread the infection, hundreds of thousands of smartphones were affected.
Hackers are able to control your smartphone from a distance
The way the hackers choose to use this new malware makes it unique. It offers all the features of its predecessors, on which it is built, and would be offered for rent for slightly more than $5,000 per month.
Its primary capability, though, is the capacity to seize control of victims’ devices. Additionally, it expands its abilities with Remote Access capabilities, joining Octo and Hydra that can perform full device takeover (DTO) and finish a full fraud chain, from PII exfiltration to transaction, with all the steps in between, without the need for additional channels, according to Dutch cybersecurity firm ThreatFabric.
A “File Manager” command converts the virus into a file manager, enabling hackers to download particular files of their choice and acquire a list of everything stored on the device. Another command for the popular instant messaging program WhatsApp allows Hook to save all chats, and even permits hackers to send messages using the victim’s account.
Unlike other malware, this malware is available on the global market. Hook is focusing on banking apps in the US, Australia, Poland, Canada, Turkey, UK, Spain, France, Italy, and Portugal.
Google removes 34 more malware apps from Play Store
The Google Play Store has been the target of fresh malware. The security measures of the official Android and Chrome OS app store do not appear to have stopped a total of 34 apps, all of which appeared to be secure, from entering its catalog while containing some of the most dangerous Trojans in recent history, including the now famous “Joker.”
The issue was exposed by SecneurX’s specialized security experts. They listed each application infected by the various viruses aimed at Android one by one.
Next, we’ll examine each and every harmful app that has evaded Google Play Protect’s safeguards and been accepted for publication in the Google Play store, along with its number of downloads. They include certain apps that have been infected with the notorious Joker malware, as well as other Trojans like Autolycos or Harly.
- Logo Design Maker – Joker – +1000
- Funny Emoji Keyboard – Joker – +10000
- Animal Doodle Drawing – Joker – +5000
- Paper Paint – Autolycos – +10000
- Dexterity QR Scanner – Joker – +500
- Heart Rate Monitor – Joker – +500
- Fun Paint & Coloring – Harly – +10000
- Beauty Christmas Songs – Joker – +1000
- Epica Gamebox & Hub – Harly – +10000
- Magic Face AI – Joker – +1000
- Love Sticker – Joker – +1000
- HD Screen Mirroring – Joker – +0
- Phone to TV – Joker – +1
- Photo Voice Translator – Joker – +1000
- Effect Voice Changer – Joker – +0
- Quick PDF Scanner – Joker – +0
- Easy Voice Change – Joker – +0
- Fast Language Translator – Joker – +500
- Perfect Face Swap – Joker – +5000
- Effects Photo Editor – Joker – +1000
- Super Emoji Editor & Sticker – Harly – +10000
- Blue Voice Changer – Harly – +10000
- Cool Screen Mirroring – Joker – +10000
- Phone Cleaner Lite – Joker – +5000
- Digital Clock – Always display – Autolycos – +100
- Live Wallpaper – HD 3D/4D – Autolycos – +500
- Grape Camera & Photo Editor – Harly – +5000
- Blood Glucose Recorder – Joker – +100
- Clever Clean – Batter Saver – Harly – +500
- Album Live Wallpaper & Theme – Harly – +1000
- Shortcut Screen Mirroring – Joker – +5000
- Mind Message – Joker – +1000
- Advanced Cast Screen – Joker – +500
- Coloring Painting – Joker – +1000
So, except for the most recent apps to be discovered, practically all apps had already been taken down from the Google Play store at the time this article was published. SecneurX has already notified Google to start the takedown process.
Also, you can see how each app in this campaign pretends to be a legitimate, helpful app. However, they conceal harmful software that can cost money by enrolling the user in premium services, gaining private keys, and stealing sensitive data.
Due to all of these factors, we advise that if any of these applications are already on a device, you should remove them right away.
The dangers of malware
Malware can cause a variety of dangers, including:
- Data theft: Malware can steal sensitive information such as login credentials, credit card numbers, and personal information.
- System damage: Malware can damage or delete files, slow down or crash the infected device or network.
- Network disruption: Malware can spread to other devices on a network, causing widespread disruption.
- Ransomware: Malware that encrypts a victim’s files and demands payment in exchange for the decryption key.
- Financial loss: Malware can drain bank accounts, make unauthorized purchases, or transfer money from the victim’s account.
- Privacy invasion: Malware can monitor a victim’s activity, take screenshots, record keystrokes, or use the victim’s camera and microphone.
- Botnets: Malware that turns the device into a “zombie” that can be used to launch Distributed Denial of Service (DDoS) attacks on other websites or networks.
- Identity theft: Malware can steal personal information used to steal the victim’s identity.
It is important to always be vigilant and take precautions to protect yourself from malware. In addition, we recommend keeping your software up to date and using reputable antivirus software. Also, don’t install apps whose source you are not sure of, even from the Google Play Store. Additionally, stay away from APK files as much as possible.