RedHook: A New Android Banking Trojan Targeting Users in Vietnam

Intel Name: RedHook: A New Android Banking Trojan Targeting Users in Vietnam

Date of Scan: August 11, 2025

Impact: High

Summary:
RedHook is a sophisticated Android banking trojan targeting Vietnamese users via fake government and financial websites. It connects to its command server over WebSocket and supports over 30 remote commands for full device control. Likely developed by a Chinese-speaking group, it remains stealthy with low antivirus detection. It is distributed through a phishing site impersonating the State Bank of Vietnam, which tricks users into downloading a malicious APK hosted on an AWS S3 bucket.
