Millions of Android users have been warned about new, previously undocumented malware that uses fake Google Chrome updates to trick users and put their devices at risk. This Trojan malware, named “Brokewell,” can siphon a user's data, access banking apps, spy on the user, and even give attackers full remote access to her Android device. can.
“Brokewell provides attackers with remote access to all assets available through mobile banking, posing a significant threat to the banking industry,” Dutch security firm ThreatFabric said in an analysis published this week. . The malware has “both data theft and remote control capabilities” and accesses the victim's Android device by forcing her to install Brokewell's Trojan on the victim's phone. .
It disguises itself as an update to a new version of Google Chrome, using a visual design similar to the genuine Chrome installation prompt to avoid suspicion. There are obvious grammatical errors, but they are common in this type of scam. Instead of saying “Your browser is meant to be yours,” like the original Google prompt, the fake Brokewell-infected version says “You need to update to make it yours.” Masu.
Once downloaded, Brokewell creates an overlay screen in front of the app you're using and can capture login details, steal session cookies, and even do things like type or click on your phone's screen. Steal funds from infected devices.
The malware itself is “a never-before-seen malware family with a wide range of capabilities,” ThreatFabric said. To make matters worse, Brokewell appears to be under active development and receives regular updates. ThreatFabric has traced the malware back to a hacker named Baron Samedit Marais, who reportedly sells it along with various other malicious tools through a site called Brokewell Cyber Labs.
“We have already observed near-daily updates to this malware, so we expect this malware family to evolve further,” the company said. “Brokewell will likely be promoted as a rental service on underground channels, attracting the attention of other cybercriminals and triggering new campaigns targeting different regions.”
How to protect yourself from Android malware
Android malware is nothing new. Earlier this month, it was discovered that hackers had injected scripts into his website to display fake Chrome update errors and infect unsuspecting users with malware. The first and most important thing you can do to protect yourself from Android malware is to be extremely careful when downloading and installing updates and new apps.
If you have a top-of-the-line Android smartphone, chances are it comes with Google Play Protect pre-installed. Make sure this app is enabled, as it can scan all your existing apps and any new apps you download for malware. Likewise, consider installing and running one of the best Android antivirus apps at the same time for added protection.