HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands thehackernews.com/2025/08/h…

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages.

“A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment,” Zimperium zLabs researcher Vishnu Pratapagiri said. “This overlay presents an alarming ‘WARNING’ message, alongside a wallet address and amount, both of which are dynamically retrieved from the command-and-control server.”