Comments on the following post: Hook malware lets hackers control your Android smartphone
Anyone trying to download the supposedly harmless web browser Google Chrome could currently end up catching the new Hook malware very quickly.
| Command (in bold if introduced in Hook) | Description |
|---|---|
| push | Shows a push notification (clicking on the notification will result in launching specified app) |
| startAuthenticator2 | Launches the Google Authenticator application |
| startAdmin | Triggers request for admin privileges |
| startApp | Starts the specified application |
| getInstallApps | Gets the list of applications installed on the device |
| getContacts | Gets the contact names and phone numbers from the address book of the infected device |
| deleteApplication | Triggers the removal of the specified application |
| forwardCall | Enables call forwarding to the specified number |
| sendSms | Sends a text message with specified text from the infected device to the specified phone number |
| SendSMSALL | Sends text messages with specified text from the infected device to all contacts of the infected device |
| startInject | Triggers the overlay attack against the specified application |
| startUssd | Executes the specified USSD code |
| openUrl | Opens the specified URL in the WebView |
| getSMS | Gets all text messages from the infected device |
| killMe | Triggers the kill switch for the bot |
| updateModule | Updates the payload module |
| updateInjectAndListApps | Triggers update of the target list |
| clearCash/clearCashe | Triggers opening specified application details |
| getAccounts/logAccounts | Triggers stealing a list of the accounts on the device |
| bitcoincom | com.bitcoin.mwallet - Bitcoin Wallet |
| trust | com.wallet.crypto.trustapp - Trust: Crypto & Bitcoin Wallet |
| mycelium | com.mycelium.wallet - Mycelium Bitcoin Wallet |
| piuk | piuk.blockchain.android - Blockchain Wallet. Bitcoin, Bitcoin Cash, Ethereum |
| samourai | com.samourai.wallet - Samourai Wallet |
| toshi | org.toshi - Coinbase Wallet: Crypto Wallet & DApp Browser |
| metamask | io.metamask - MetaMask: Buy, Send and Swap Crypto |
| start_vnc/stop_vnc | Start/stop RAT |
| getlocation | Obtains geolocation |
| addwaitview/removewaitview | Adds/removes a view used to cover malicious operations |
| addview/removeview | Adds/removes a view |
| getimages | Obtains list of all images |
| downloadimage | Downloads an image |
| makecall | Makes a call |
| calling | Makes a call |
| addcontact | Adds a contact |
| fmmanager | Operates as file manager |
| swipeup/swipedown/swipeleft/swiperight/swipe | Performs a specific swipe gesture |
| takescreenshot | Takes a screenshot |
| clickatcontaintext | Simulates click at specific text item |
| onkeyevent | Simulates a key press (HOME/BACK/RECENTS/LOCK/POWERDIALOG) |
| unlock | Unlocks device |
| scrollup/scrolldown | Scrolls up/down |
| longpress | Simulates a long press event |
| clickat | Simulates click at a specific coordinate |
| cuttext | Sets clipboard value to a UI element with specific coordinates value |
| clickattext | Simulates click at a UI element with specific text value |
| settext | Sets a UI element value to a specific text |
| safepal | io.safepal.wallet - SafePal: Crypto wallet BTC NFTs |

| Package Name | App Name |
|---|---|
| com.bitcoin.mwallet | Bitcoin Wallet |
| com.wallet.crypto.trustapp | Trust: Crypto & Bitcoin Wallet |
| com.mycelium.wallet | Mycelium Bitcoin Wallet |
| piuk.blockchain.android | Blockchain Wallet. Bitcoin, Bitcoin Cash, Ethereum |
| com.samourai.wallet | Samourai Wallet |
| org.toshi | Coinbase Wallet — Crypto Wallet & DApp Browser |
| io.safepal.wallet | SafePal - Crypto wallet BTC NFTs |
| io.metamask | MetaMask - Buy, Send and Swap Crypto |

| Package Name | App Name |
|---|---|
| com.targo_prod.bad | TARGOBANK Mobile Banking |
| de.sdvrz.ihb.mobile.secureapp.sparda.produktion | SpardaSecureApp |
| de.traktorpool | tractorpool |
| de.comdirect.android | comdirect mobile App |
| de.fiducia.smartphone.android.banking.vr | VR Banking Classic |
| com.starfinanz.smob.android.sfinanzstatus | Sparkasse Ihre mobile Filiale |
| de.dkb.portalapp | DKB-Banking |
| de.postbank.finanzassistent | Postbank Finanzassistent |
| de.santander.presentation | Santander Banking |
| de.consorsbank | Consorsbank |
| de.number26.android | N26 — The Mobile Bank |
| de.mobile.android.app | mobile.de – Germany's largest car market |
| de.commerzbanking.mobil | Commerzbank Banking - The app at your side |
| com.db.mm.norisbank | norisbank App |
| de.ingdiba.bankingapp | ING Banking to go |
| eu.unicreditgroup.hvbapptan | HVB Mobile Banking |
| de.comdirect.app | comdirect |
| de.sdvrz.ihb.mobile.app | SpardaApp |
| com.db.pwcc.dbmobile | Deutsche Bank Mobile |
| de.adesso_mobile.secureapp.netbank | SecureApp netbank |