Tekmono
  • News
  • Guides
  • Lists
  • Reviews
  • Deals
No Result
View All Result
Tekmono
No Result
View All Result
Home News
New Android malware exploits wireless ADB to steal bank information

New Android malware exploits wireless ADB to steal bank information

by Tekmono Editorial Team
13/07/2026
in News
Share on FacebookShare on Twitter

Researchers have discovered new malware for Android that can secretly empty bank accounts by gaining deep access to devices through wireless ADB. This malware is an enhanced version of the RedHook remote access trojan (RAT) identified last year and features multiple anti-detection functions.

Originally targeting victims in Vietnam, the malware has now shown signs of expanding its reach to other parts of Southeast Asia, particularly Indonesia. According to cybersecurity research firm Group-IB, the RedHook trojan infiltrates devices when victims click links sent via text messages, phone calls, emails, or social media.

Attackers often impersonate support agents or employees from trusted organizations to persuade users to install an APK from a fake website mimicking the Google Play Store. After installation, users are tricked into granting Accessibility permissions under the pretense that these are necessary for normal app functionality.

Related Reads

AMD set to showcase first Zen 6 Epyc Venice CPUs at Advancing AI summit

Insta360 X6 leak shows compact design and pricing ahead of launch

False Echo, a WWII cryptography thriller, announced for PC

Robinhood introduces AI trading agents for crypto as 70,000 join beta program

Once these permissions are granted, the malware can enable wireless ADB by navigating to Developer options, gaining full control of the device. This allows attackers to access keystrokes, screen locks, and screen streaming.

The upgraded RedHook uses advanced techniques to make it nearly impossible to remove. It employs a WakeLock to keep the malware running constantly and can keep the screen active by enabling a nearly invisible 1×1 pixel, convincing Android to treat it as a key process that should not be terminated.

Group-IB notes that this version of RedHook utilizes a “two-service cross-process resurrection mechanism,” allowing two functions to revive each other if one is killed, complicating removal efforts.

To protect against such threats, users are advised to download apps only from official sources like the Google Play Store. Caution is advised when downloading APKs, with close attention to permission requests. Evidence suggests that Android may address a security loophole by disabling access to Developer options in future updates, but until then, users should avoid suspicious links in emails, texts, or social media.

Tags: androidMalware
ShareTweet

You Might Be Interested

AMD set to showcase first Zen 6 Epyc Venice CPUs at Advancing AI summit
News

AMD set to showcase first Zen 6 Epyc Venice CPUs at Advancing AI summit

13/07/2026
Insta360 X6 leak shows compact design and pricing ahead of launch
News

Insta360 X6 leak shows compact design and pricing ahead of launch

13/07/2026
False Echo, a WWII cryptography thriller, announced for PC
News

False Echo, a WWII cryptography thriller, announced for PC

13/07/2026
Robinhood introduces AI trading agents for crypto as 70,000 join beta program
News

Robinhood introduces AI trading agents for crypto as 70,000 join beta program

13/07/2026
Please login to join discussion

Recent Posts

  • AMD set to showcase first Zen 6 Epyc Venice CPUs at Advancing AI summit
  • Insta360 X6 leak shows compact design and pricing ahead of launch
  • False Echo, a WWII cryptography thriller, announced for PC
  • Robinhood introduces AI trading agents for crypto as 70,000 join beta program
  • Major U.S. banks join U.K. tokenization taskforce to reshape financial markets

Recent Comments

No comments to show.
  • News
  • Guides
  • Lists
  • Reviews
  • Deals
Tekmono is a Linkmedya brand. © 2015.

No Result
View All Result
  • News
  • Guides
  • Lists
  • Reviews
  • Deals

This website uses cookies to improve your experience. You can choose to accept or reject them. Visit our Privacy Policy.