Brokewell Trojan masquerades as Chrome update to hijack Android devices

In the Android ecosystem, a new threat named Brokewell has surfaced. This banking Trojan can hijack devices and pilfer application login credentials, potentially leading to financial losses for users. It masks itself as an update for Google Chrome to invade smartphones.

Beware of false update information
Images source: © Pixabay, Threat Fabric, Dobreprogramy

10:29 AM EDT, April 28, 2024

The experts at Threat Fabric have published details about this threat. Brokewell, a recognized banking Trojan, falls into the category of info stealers. Malware of this kind sneaks onto victims' smartphones to extract specific data and transmit it to the attackers' servers. Data harvested this way is instrumental for orchestrating further attacks, taking over social media profiles, and committing bank fraud.

Often, the weak point is the user, who falls for a manipulated update notification. The perpetrators behind Brokewell predominantly distribute this Trojan via fraudulent alerts about an ostensibly mandatory Google Chrome update. Users who interact with these alerts (essentially ads that redirect) land on a bogus site where they inadvertently download the malicious software.

Authentic (on the left) and fake (on the right) update information © Threat Fabric

In reality, once Brokewell gains entry, it takes control of every piece of data and functionality on the device. Its capabilities include recording audio, capturing the screen, tracking GPS location, making phone calls, sending SMS messages, secretly installing additional malicious software (likely to cause further harm), and transmitting any collected data back to the attackers. The device is entirely compromised, and the user remains oblivious to the intrusion.

To fend off such dangers, it's crucial to exercise caution when downloading or updating applications. The most prudent approach is to opt for only official distribution channels, like the Google Play store (the standard platform for app updates). According to a statement by Google to The Hacker News, Android is equipped with Play Protect, which detects known threats and unauthorized activities perpetrated by applications, even those installed from outside the Google Play store.

© essanews.com