RedHook Android malware now uses Wireless ADB for shell access
Summary
A new variant of the RedHook Android malware has been discovered that leverages Android's Wireless Debugging feature to gain shell access. This new capability allows the malware to execute commands and control devices remotely without the need for a direct USB connection to a computer.
IFF Assessment
This malware's new ability to gain shell access via Wireless ADB without a physical connection significantly enhances its stealth and remote control capabilities, posing a greater threat to Android users.
Defender Context
Defenders should be aware of this evolving threat vector, as the use of Wireless ADB bypasses traditional USB-based detection methods. Mobile security solutions should be updated to detect this new RedHook variant and its methods of persistence and command execution.