Android users should stay vigilant against a deceptive Google Chrome update that disguises itself as legitimate but actually installs harmful “Brokewell” trojan malware. This malware, initially appearing as a regular app, transforms into malicious software upon installation. “Brokewell” is notorious for harvesting users’ personal information, enabling remote control of Android devices for attackers, and even spying on users, including accessing and wiping out data from banking applications.
A Dutch security firm called ThreatFabric said: “The analysis of the samples revealed that Brokewell poses a significant threat to the banking industry, providing attackers with remote access to all assets available through mobile banking. The Trojan appears to be in active development, with new commands added almost daily.”
The “Brokewell” trojan employs a deceptive tactic by presenting a fake Chrome browser update that closely resembles the genuine version, making it simple for smartphone users to fall for the ruse. This malware utilizes a method called the “overlay” technique, where a counterfeit screen overlays a targeted application, such as a banking app. Through this overlay, it captures sensitive login information, including the user’s username and password for the targeted app.
Through the use of “accessibility logging,” the malware records every touch, text input, swipe, app opened, and displayed information on the device. This captured data is then transmitted to a command-and-control server, effectively resulting in the theft of personal information. Given that the trojan captures every event, all apps installed on the phone become susceptible. Once the malware acquires the user’s credentials, attackers can remotely seize control of the device.
If you use an Android and recieve an update for the Chrome browser, please ignore it.
