Millions of Android users have been warned about new, previously undocumented malware that uses fake Google Chrome updates to trick users into putting their devices at risk. Dubbed "Brokewell", the Trojan malware can siphon user data, access banking apps, spy on users and even allow attackers to gain complete remote access to Android devices. Dutch security firm ThreatFabric said in an analysis report published this week that "Brokewell poses a significant threat to the banking industry, with attackers able to remotely access all available assets via mobile banking." ” tricking victims into installing the Brokewell Trojan on their phones to gain access to their Android devices. Although a similar visual design is used as a legitimate Chrome installation prompt, the new Google Chrome version update is used to avoid doubt. Despite some obvious grammatical mistakes -this is common in such scams. Instead of saying "Browser built to be yours" like the original Google prompt, the Brokewell infected fake version says "You need an update".
Once downloaded, Brokewell creates an overlay screen in front of the apps you use to capture login information, steal session cookies, and even type or click on your phone screen to steal money from the compromised device.
The malware itself is "a never-before-seen malware family with a wide range of capabilities," ThreatFabric said. Worse still, Brokewell appears to be in active development and receives regular updates. ThreatFabric traced the malware back to a hacker named Baron Samedit Marais, who is reportedly selling it along with a range of other malicious tools through a site called Brokewell Cyber Labs. "We expect further development of this malware family as we have already seen almost daily updates to the malware," the company said. "Brokewell is likely to be promoted on underground channels as a service for hire, attracting the interest of other cybercriminals and leading to new campaigns targeting different regions.
Android malware is far from uncommon. Just earlier this month, hackers were found to be injecting scripts into websites to display fake Chrome update errors to infect unsuspecting users with malware. When it comes to protecting yourself from Android malware, the first and most important thing you can do is to be extra careful when downloading and installing any updates or new apps. If you have one of the best Android Smartphones, Google Play Protect Protect is Pre -installed. Make sure this application is enabled because it can scan all existing applications and any new application downloaded to malware. Also, for added protection, you can also consider installing one of the best Android antivirus programs to work with it.
In an email to Tom's Guide, a Google spokesperson explained how Google Play Protect can help protect you from malicious apps, saying:
Google Play Protect automatically protects Android users from known versions of this malware and is turned on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."