Cybersecurity experts have issued a warning about a dangerous new Android malware called RedHook that can take control of smartphones, steal banking information and bypass many traditional security protections.

Android users are being urged to remain vigilant after cybersecurity researchers identified a sophisticated new malware strain known as RedHook, which is capable of gaining extensive control over infected devices and stealing sensitive financial information.

According to researchers, RedHook is more advanced than typical Android malware because it exploits the phone’s Wireless Android Debug Bridge (ADB) feature. By abusing this developer tool, attackers can gain deeper access to the operating system than most malicious apps.

How the RedHook Malware Spreads

The attack typically begins with a phishing message sent through SMS, WhatsApp, or fraudulent phone calls. Cybercriminals often impersonate banks, telecom providers or technical support teams and persuade victims to click a malicious link.

The link directs users to a fake website that closely resembles the Google Play Store, where they are encouraged to download a malicious Android application (APK).

Once installed, the fake app requests Accessibility permissions. Although these permissions are designed to help users with disabilities, they can also grant extensive access to device functions.

After permission is approved, the malware secretly enables Developer Options and activates Wireless ADB, allowing attackers to remotely control the device.

What Attackers Can Do

Once RedHook gains access, hackers may be able to:

  • Monitor your screen in real time
  • Record everything you type, including passwords
  • Unlock your phone remotely
  • Steal banking credentials and personal data
  • Intercept sensitive information
  • Take control of key device functions

Researchers also warn that RedHook includes persistence mechanisms that make it significantly more difficult to remove than older Android malware.

How to Protect Your Android Device

Cybersecurity experts recommend the following precautions:

  • Download apps only from the official Google Play Store
  • Never install APK files received through text messages, WhatsApp or unknown websites
  • Carefully review Accessibility permission requests before granting access
  • Keep “Install from Unknown Sources” disabled unless absolutely necessary
  • Use app-based authentication instead of SMS verification codes whenever possible
  • Keep Android and all installed apps updated with the latest security patches
  • Install reputable mobile security software for additional protection

Experts stress that users should be cautious of unsolicited messages urging immediate action, especially those requesting app downloads or personal information.