This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device.

This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device.

      An upgraded version of the RedHook Android malware is spreading, and it can hijack your phone without the need for root access or a USB cable. Researchers at Group-IB uncovered this enhanced variant, marking a notable advancement from the one identified in 2025. The most alarming aspect? It exploits a built-in feature of Android to execute its attack.

      How RedHook malware deceives your Android device into relinquishing control

      The attack begins with a deceptive text or phone call that poses as your bank or a government entity, directing you to a fraudulent Google Play site to download a malicious app. Once the app is installed, it requests Accessibility permissions that enable it to interact with other apps and system settings on your behalf.

      If you grant these permissions, the malware discreetly activates Developer Options and enables Wireless ADB, a feature that permits remote control of your phone over Wi-Fi.

      From that point, it links to your phone’s debugging service using an internal address and connects by reading a code from your screen. This grants it shell-level privileges, providing control far beyond that of a standard app, all without needing root access.

      The latest version of RedHook utilizes a legitimate developer tool called Shizuku to carry out commands in the background, allowing it to acquire more permissions and make alterations that would typically require user consent.

      Why the upgrade enhances RedHook's danger

      Once inside, attackers can execute 53 different commands. They are capable of live screen monitoring, taking screenshots, navigating your phone, locking or unlocking it, silently installing or deleting applications, accessing your texts and contacts, turning on your camera, and rebooting your device remotely.

      RedHook also employs various techniques to remain persistent, including running dual services that restart each other if one is terminated and modifying its own system priority to prevent shutdown.

      To protect yourself, only download apps from the official Google Play Store, be vigilant about any requests for Accessibility permissions, and ensure that Play Protect is enabled.

This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device. This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device. This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device. This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device. This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device. This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device. This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device.

Other articles

Google Home Speaker (2026) review: More intelligent and powerful, but with a subscription cost. Google Home Speaker (2026) review: More intelligent and powerful, but with a subscription cost. The newest version of the Google Home Speaker offers an enticing combination of effective voice controls, unexpectedly robust audio performance, and the most sophisticated set of smart home features available in a speaker priced under $100. How to install the macOS 27 Golden Gate public beta on your Mac? How to install the macOS 27 Golden Gate public beta on your Mac? No developer account is needed. The public beta of macOS 27 Golden Gate is now available for installation via System Settings, and it introduces Siri AI directly to your Mac. Huawei Digital Power now competes with Tesla's energy division in terms of revenue. Huawei Digital Power now competes with Tesla's energy division in terms of revenue. Huawei Digital Power recorded 68.7 billion yuan in 2025, an increase of 24%, bringing it close to Tesla’s energy division, which is valued at $12.8 billion. This website is a treasure trove for those who enjoy Mac menu bar applications. This website is a treasure trove for those who enjoy Mac menu bar applications. MacMenuBar is a carefully organized directory featuring over 1,500 Mac menu bar applications, categorized into groups such as clipboard managers, timers, and window managers. Here's why you should consider bookmarking it. Ericsson's revenue declines by 6% due to rising component costs and a decrease in licensing income. Ericsson's revenue declines by 6% due to rising component costs and a decrease in licensing income. Ericsson's revenue for Q2 declined by 6% to SEK 52.7 billion, although the adjusted operating profit exceeded expectations. Ekholm has raised concerns regarding the costs of components and pricing. NestAI from Finland is developing the AI infrastructure that European armed forces seek to possess. NestAI from Finland is developing the AI infrastructure that European armed forces seek to possess. Finland, Estonia, and the Helsinki-based lab NestAI have entered into an agreement regarding defense AI. There is no financial transaction involved. The emphasis is on maintaining sovereign control of the code.

This Android malware is capable of monitoring your screen, accessing your messages, and remotely controlling your device.

A revised variant of the RedHook Android malware utilizes the built-in debugging feature of your phone to remotely control your device, bypassing the need for root access or a USB cable.