NCC Group researchers discovered that the Hook Android banking trojan was developed using the source code of the ERMAC backdoor, reports The Hacker News. Aside from featuring all 30 commands used by ERMAC, the Hook malware also has up to 38 new commands, including screen streaming and user interface interactions for device takeovers, photo capturing, Google login session-related cookie exfiltration, and expanded cryptocurrency wallet recovery seed targeting, as well as self-propagation through SMS delivery to various numbers, according to NCC Group.

Source: SC Magazine