FF News Logo
Thursday, April 30, 2026
Bottomline x FFNews

Breaking News

Navigating the Evolution of Private Student Financing for Higher Education Origami Risk’s P&C Platform Selected by Gramercy Risk Management Datamatics Expands Client Relationship with a Fast-Growing American Insurtech Firm to Drive AI-Led Operations Transformation Marsh Risk Unveils AI-Powered Risk Companion Suite of Analytics to Empower Clients With Faster, Smarter Risk Management Roamly Launches World’s First Real-Time Insurance for Autonomous Fleets with a 50% Discount Root Insurance Launches 24-Hour Agent Appointment Program, Setting New Industry Standard for Speed BMS Group Selects mea Platform’s AI Products to Advance Placement Efficiency Through Digital Broking Operations Track Claims “Like Food Delivery” With New Insly Claims Portal Ebury, Santander’s International Payments Fintech, Secures C.£550 Million to Accelerate Growth and Global Expansion InDebted Founder Returns to Product as AI Acceleration Opens New Era for Global Collections Infrastructure Rogo Raises $160M Series D to Scale the Agentic Platform for Finance Tassat Upgrades Lynq to Avalanche to Scale Institutional Settlement Network Black Ore Launches Tax Autopilot for Broad Availability Rise in AI-driven Customer Vulnerability Fraud Poses New risk to Financial Services, Warns MorganAsh MOTMX Partners with Uphold to Launch First Pre-Built Crypto-Backed Rewards Product for Financial Institutions
Zimperium’s zLabs research team uncovers Hook v3 Android banking trojan with 107 commands, including ransomware overlays, fake NFC prompts, and real-time device streaming, raising new mobile security concerns.

August 26 2025

Zimperium Discovers New Hook Banking Trojan Variant With Most Advanced Capabilities to Date

Share this post:

Share on LinkedIn Share on WhatsApp

Zimperium’s zLabs research team has identified a new variant of the notorious Hook Android banking trojan, now equipped with some of the most advanced capabilities seen in mobile malware to date. Dubbed Hook v3, this variant expands its arsenal to 107 remote commands, including 38 newly added,  enabling attackers to steal data, hijack sessions, and bypass device defenses with unprecedented sophistication.

Among its most alarming new features: 

  • Ransomware-style overlays that display full-screen extortion messages.
  • Fake NFC and payment card overlays to steal sensitive financial data.
  • Lockscreen bypass through deceptive PIN and pattern prompts.
  • Transparent overlays to silently capture user gestures.
  • Real-time device streaming that allows attackers to monitor victims remotely.

In addition to phishing websites, Zimperium has observed Hook v3 being distributed via GitHub, where threat actors actively host malicious APK files. Other families such as Ermac, Brokewell, and SMS spyware are also being disseminated through similar channels — highlighting a broader trend of open-source platforms being abused for malware distribution.

“Hook v3 blurs the line between banking trojans, spyware, and ransomware,” said Nico Chiaraviglio, Chief Scientist at Zimperium. “Its rapid evolution and wide-scale distribution elevate the threat to financial institutions, enterprises, and mobile users worldwide. This discovery reinforces the urgent need for proactive, on-device defenses.” 

The findings underscore how attackers continue to converge tactics across malware categories, creating threats that are more versatile and damaging than ever before. Zimperium remains committed to helping organizations stay ahead of evolving mobile threats with AI-driven, autonomous security.

People In This Post

Nicolás Chiaraviglio| Fintech Finance News

Nico Chiaraviglio

Zimperium

Companies In This Post

Zimperium | Fintech Finance News

Zimperium
  1. Navigating the Evolution of Private Student Financing for Higher Education

    Thought Leadership

     Read more
  2. Origami Risk’s P&C Platform Selected by Gramercy Risk Management

    Insurtech

     Read more
  3. Datamatics Expands Client Relationship with a Fast-Growing American Insurtech Firm to Drive AI-Led Operations Transformation

    Insurtech

     Read more
  4. Marsh Risk Unveils AI-Powered Risk Companion Suite of Analytics to Empower Clients With Faster, Smarter Risk Management

    Insurtech

     Read more
  5. Roamly Launches World’s First Real-Time Insurance for Autonomous Fleets with a 50% Discount

    Insurtech

     Read more
ITC Europe x FF News
More On