learn to track

New ‘Brokewell’ Android Malware Steals User Data and Accesses Banking Apps

TL;DR: A new Android malware called ‘Brokewell’ disguises itself as a Google Chrome update to steal user data, access banking apps, and grant remote access to devices. ThreatFabric warns of its ongoing development and potential for widespread distribution through underground channels.

Millions of Android users are at risk due to a new, previously undocumented malware named “Brokewell.” This Trojan malware can steal user data, access banking apps, spy on users, and even allow attackers to gain full remote access to Android devices.

A major threat.

Dutch security firm ThreatFabric issued a warning about Brokewell in an analysis published this week. The malware, equipped “with both data-stealing and remote-control capabilities,” gains access to victims’ Android devices by tricking them into installing the Brokewell Trojan on their phones.

It’s disguised as an update for a new version of Google Chrome, even using a similar visual design as a legitimate Chrome installation prompt to avoid suspicion, albeit with some obvious grammatical errors – a common tell for these kinds of scams. Instead of saying “The browser built to be yours” like on the original Google prompt, the Brokewell-infested fake version reads “An update is required yours.”

Once downloaded, Brokewell creates an overlay screen in front of whatever apps you’re using to capture login details, steal session cookies, and even type or click on the phone’s screen to steal funds from the compromised device.

Brokewell: A New Malware Family

ThreatFabric described Brokewell as “a previously unseen malware family with a wide range of capabilities.” Worse still, Brokewell appears to be in active development and receives regular updates.

ThreatFabric traced the malware back to a hacker named Baron Samedit Marais, who is reportedly selling it along with a range of other malicious tools through a site called Brokewell Cyber Labs.

“We anticipate further evolution of this malware family, as we’ve already observed almost daily updates to the malware,” the firm said. “Brokewell will likely be promoted on underground channels as a rental service, attracting the interest of other cybercriminals and sparking new campaigns targeting different regions.”

Staying Safe from Android Malware

Android malware is far from uncommon. Just earlier this month, hackers were found to be injecting scripts into websites to display fake Chrome update errors to infect unsuspecting users with malware.

When it comes to protecting yourself from Android malware, the first and most important thing you can do is to be extra careful when downloading and installing any updates or new apps.

If you have one of the best Android smartphones, odds are it’ll come with Google Play Protect pre-installed. Be sure to make sure that this app is enabled, as it can scan all of your existing apps and any new ones you download for malware.

Likewise, for additional protection, you may also want to consider installing one of the best Android antivirus apps to run alongside it.

Stay vigilant.


Add comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.