The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Hook Android Banking Trojan Evolves

Sep 2, 2025 12:52:33 PM / by The Hivemind posted in Threat Bulletin, Evolving Threat, Android Malware, ransomware overlay, fake NFC overlay, phishing overlay, Accessibility Services abuse, lockscreen bypass, GitHub malware distribution, financial sector threats, Hook banking trojan

0 Comments

Verticals Targeted: Financial, Enterprises
Regions Targeted: Not specified
Related Families: Ermac, Brokewell

Executive Summary

Hook Version 3 is an advanced Android banking trojan with ransomware, phishing, and lockscreen bypass capabilities, posing significant risks to financial institutions and enterprises. Its distribution via phishing websites and GitHub amplifies its reach, necessitating robust mobile threat defenses.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More