Breaking News
Zimperium Discovers New Hook Banking Trojan Variant With Most Advanced Capabilities to Date
Zimperium’s zLabs research team has identified a new variant of the notorious Hook Android banking trojan, now equipped with some of the most advanced capabilities seen in mobile malware to date. Dubbed Hook v3, this variant expands its arsenal to 107 remote commands, including 38 newly added, enabling attackers to steal data, hijack sessions, and bypass device defenses with unprecedented sophistication.
Among its most alarming new features:
- Ransomware-style overlays that display full-screen extortion messages.
- Fake NFC and payment card overlays to steal sensitive financial data.
- Lockscreen bypass through deceptive PIN and pattern prompts.
- Transparent overlays to silently capture user gestures.
- Real-time device streaming that allows attackers to monitor victims remotely.
In addition to phishing websites, Zimperium has observed Hook v3 being distributed via GitHub, where threat actors actively host malicious APK files. Other families such as Ermac, Brokewell, and SMS spyware are also being disseminated through similar channels — highlighting a broader trend of open-source platforms being abused for malware distribution.
“Hook v3 blurs the line between banking trojans, spyware, and ransomware,” said Nico Chiaraviglio, Chief Scientist at Zimperium. “Its rapid evolution and wide-scale distribution elevate the threat to financial institutions, enterprises, and mobile users worldwide. This discovery reinforces the urgent need for proactive, on-device defenses.”
The findings underscore how attackers continue to converge tactics across malware categories, creating threats that are more versatile and damaging than ever before. Zimperium remains committed to helping organizations stay ahead of evolving mobile threats with AI-driven, autonomous security.
People In This Post
Companies In This Post
- EXCLUSIVE: “Travelling Light” – Heman Daswani and Sairam Rangachari, Temenos in ‘The Paytech Magazine’ Read more
- AutoRek & Microsoft: Unlocking Value from Manual Processes Read more
- 82% of Insurers Say AI Will Define Their Future, But Only 14% Have Integrated It Read more
- Ripple Deepens Commitment to Brazil with Expanded Payments Offering, Growing Customer Momentum and VASP License Application Read more
- Colombian Fintech TumiPay Appoints Karina Sensebé as Regional Country Manager for Latin America Read more
Wio Bank PJSC Reports AED 61 Billion Assets and Record Revenue of AED 1.24 Billion in FY2025
Wio Bank reported a strong financial performance in FY2025, reflecting continued customer adoption and the expansion of its digital banking platform
Openbank Surpasses One Million Customers in Mexico After One Year of Operations
Openbank, the 100% digital bank of Grupo Santander, has surpassed one million customers in Mexico
Fintech Permutable AI Launches Asset Sentiment Indices as Global Market Volatility Accelerates
Fintech Permutable AI today announces the launch of its Institutional Asset Sentiment Indices, a dataset designed to transform millions of global narratives into structured market intelligence for institutional investors.
Starling Launches Free ‘Making Tax Digital’ Tool to Help Sole Traders Manage New Rules
Starling has made its proprietary Making Tax Digital for Income Tax tool available to business customers for free
OneVest Launches OneVest GO: The AI-Native Wealth Relationship Workspace Built for the Modern Independent Advisor
Following the successful launch of its Agentic Wealth Operating System, OneVest today announced OneVest GO. This standalone, AI-native wealth relationship workspace is built specifically for the independent powerhouse—the agile advisor and focused RIA team who prioritize client impact over administrative complexity.
Finastra Strengthens AI Capabilities with New Center of Excellence and Leadership Appointment
Finastra has announced the establishment of a centralized AI Center of Excellence (COE) and the appointment of Chris McClellen as SVP, Group Head of AI
Fingerprint Launches Industry-First MCP Server for Fraud Prevention
Fingerprint, a leader in device intelligence for fraud prevention, today announced the launch of its Model Context Protocol (MCP) Server, the first open-source MCP implementation in the fraud prevention space. The new server enables organizations to connect any AI assistant or agent directly to Fingerprint's device intelligence platform, turning complex fraud analysis that once took hours into real-time, AI-powered insights.
EXCLUSIVE: “Travelling Light” – Heman Daswani and Sairam Rangachari, Temenos in ‘The Paytech Magazine’
Share this post: Share on LinkedIn Share on X (Twitter) Share on Facebook Share on […]
AutoRek & Microsoft: Unlocking Value from Manual Processes
Share this post: Share on LinkedIn Share on X (Twitter) Share on Facebook Share on […]
82% of Insurers Say AI Will Define Their Future, But Only 14% Have Integrated It
New research from AutoRek finds that 82% of insurers believe AI will dominate the industry’s future,
Ripple Deepens Commitment to Brazil with Expanded Payments Offering, Growing Customer Momentum and VASP License Application
Ripple announced a major expansion of its presence across Brazil — marking a new chapter of institutional digital asset adoption
Colombian Fintech TumiPay Appoints Karina Sensebé as Regional Country Manager for Latin America
TumiPay announced the appointment of Karina Sensebé as Regional Country Manager for Latin America
Denise Johansson Takes the Reins as Sole CEO of Enfuce as Company is on Track to 10x Revenue by 2030
Enfuce today announces that Denise Johansson has taken the reins as sole CEO, as the company advances its ambition to become Europe’s number one issuer processor
FirstRand Bank First to Advance Blockchain Treasury Management in South Africa With Kinexys by J.P. Morgan
FirstRand Bank has set a new benchmark in South Africa for treasury managemen by leveraging Kinexys Digital Payments, for programmable, 24/7, near real-time payment transactions