RedHook variant weaponizes Wireless ADB to gain shell control on Android

1 min read
Source: BleepingComputer
RedHook variant weaponizes Wireless ADB to gain shell control on Android
Photo: BleepingComputer
TL;DR Summary

A new RedHook Android malware variant abuses Wireless ADB to obtain shell-level privileges without a PC by tricking victims into granting Accessibility permissions and using Shizuku to run privileged commands. It effectively turns the phone into its own ADB client (via 127.0.0.1), enabling 53 commands including screen streaming, input simulation, app install/uninstall, data theft, overlays, and even camera access, all without device rooting. The malware uses multiple persistence methods (silent audio, WakeLocks, dual services, watchdog, boot autostart, and oom_score_adj) and is distributed via social engineering that impersonates government or financial institutions to push fake Google Play sites. Users are advised to only install from Google Play, scrutinize permissions, and keep Play Protect enabled.

Share this article

Reading Insights

Total Reads

0

Unique Readers

1

Time Saved

4 min

vs 5 min read

Condensed

88%

906113 words

Want the full story? Read the original article

Read on BleepingComputer