• Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
Tech News, Magazine & Review WordPress Theme 2017
  • Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
No Result
View All Result
  • Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
No Result
View All Result
Blog - Creative Collaboration
No Result
View All Result
Home Android

This malware has a resurrection feature to stop it from dying

July 13, 2026
Share on FacebookShare on Twitter

TL;DR

  • Researchers have discovered a new malware that gains deep access to your phone and obtains high-level permissions via wireless ADB to empty your bank accounts.
  • This is an enhanced version of the RedHook remote access trojan spotted last year, but with multiple anti-detection functions.
  • Though this malware was originally targeted at victims in Vietnam, it has since shown signs of expanding to other parts of Southeast Asia, including Indonesia.

Wireless ADB (Android Debug Bridge) is one of those tools that makes life a little easier for developers and enthusiasts alike. On the other hand, some of these tools continue to be exploited by malicious actors to facilitate mass financial scams on unsuspecting victims. An extensive report now discloses one such malware.

Cybersecurity research firm Group-IB details how this Android remote access trojan (RAT), known as RedHook, infiltrates devices when victims click links sent via text messages, phone calls, email, or other social media platforms. Attackers may impersonate support agents or employees of trusted and popular organizations to trick users (via Bleeping Computer).

The victims are then convinced to install an APK, typically through a fake website that may look a lot like the Google Play Store, but isn’t.

Once the malicious APK has been installed, users are tricked into granting Accessibility permissions under the guise that it is necessary for the app to function normally. Using these permissions, the malware can stealthily enable wireless ADB by navigating to Developer options, thereby gaining shell access (UID 2000). At this point, the trojan has full control of the device, giving attackers access to your keystrokes, screen locks, and screen streaming.

RedHook was first discovered by researchers at Cyble last year, and this appears to be an upgraded version. It uses more devious techniques to make it virtually impossible to remove from the device, such as using a WakeLock to trick the system into keeping it running at all times. Moreover, this trojan can also keep the screen turned on by enabling a 1×1 pixel that is virtually imperceptible to the user, thereby convincing Android that it’s a key process that shouldn’t be killed.

More crucially, this upgraded version of RedHook uses what Group-IB terms “a two-service cross-process resurrection mechanism.” Simply explained, these are two functions that can resurrect each other when the other is killed, making them difficult to eliminate.

While this malware was initially targeted at individuals in Vietnam, the attackers have since reportedly expanded to Indonesia.

What can you do to stay safe?

As with previous malware attacks, people are recommended to always download apps from official sources such as the Google Play Store. Exercise discretion if you absolutely need to download and install an APK, and always keep a close eye on permission requests.

We’ve recently seen evidence that Android may close a security loophole by disabling access to Developer options as part of Advanced Protection. But until this feature officially arrives on Android, the best way to stay safe is to avoid any suspicious links you find in your emails, text messages, or social media apps.

Thank you for being part of our community. Read our Comment Policy before posting.

Next Post

the research says juniors using AI never learn to debug

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

No Result
View All Result

Recent Posts

  • Galaxy Z Flip 8 rumors: Release date, colors, specs, and more
  • Everything New In Palworld 1.0 – New Pals, Mechanics, Tools, And More
  • Best microSD, SSD, and hard drive deals this week (July 13, 2026)
  • You can now spot AI-generated Google ads, if you know where to look
  • Starbucks has dropped a new Pink Drink Bearista Cup — how to get yours today

Recent Comments

    No Result
    View All Result

    Categories

    • Android
    • Cars
    • Gadgets
    • Gaming
    • Internet
    • Mobile
    • Sci-Fi
    • Home
    • Shop
    • Privacy Policy
    • Terms and Conditions

    © CC Startup, Powered by Creative Collaboration. © 2020 Creative Collaboration, LLC. All Rights Reserved.

    No Result
    View All Result
    • Home
    • Blog
    • Android
    • Cars
    • Gadgets
    • Gaming
    • Internet
    • Mobile
    • Sci-Fi

    © CC Startup, Powered by Creative Collaboration. © 2020 Creative Collaboration, LLC. All Rights Reserved.

    Get more stuff like this
    in your inbox

    Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

    Thank you for subscribing.

    Something went wrong.

    We respect your privacy and take protecting it seriously