"Malware Blurs Line Between Banking Trojan and Surveillance"

Hook is an Android banking Trojan that can take remote control of mobile devices. The Trojan, which the cybersecurity company ThreatFabric identifies as an improved variant of the existing Ermac Trojan, can carry out an entire attack chain, from infection to fraudulent transactions. Hook abuses a screen-sharing implementation known as virtual network computing to achieve the functionality of a remote access tool that can take screenshots, mimic clicks, and input swipe gesture commands. In addition, it is capable of transmitting geolocation data and taking over files. Hook can also launch the WhatsApp chat application to extract messages and send a news message, which could be used to spread the malware. DukeEugene, a threat actor who has been renting Ermac, began offering Hook in mid-January, according to ThreatFabric. This article continues to discuss findings regarding the Hook Android banking Trojan characterized as an improved version of the existing Ermac Trojan. 

InfoRiskToday reports "Malware Blurs Line Between Banking Trojan and Surveillance"