In recent years, cybersecurity researchers have discovered a new Trojan that poses as a fake update for Chrome on Android devices. Known as Brokewell, this malicious software gives cybercriminals remote access to all assets available through mobile banking.

The Brokewell Trojan was discovered by analysts from ThreatFabric, who described it as a significant threat to the banking industry. The malware is continuously being developed, with new commands added almost daily. It can bypass Android 13+ restrictions and is disguised as an update for Google Chrome.

One of the most dangerous aspects of Brokewell is its ability to use overlay attacks. This technique involves presenting a fake screen on top of legitimate applications to capture user credentials. The Trojan can steal session cookies and send them to a command and control server, giving cybercriminals access to sensitive information such as bank account numbers and passwords.

Additionally, the Trojan has an accessibility log that captures user activity, including keystrokes, screen information, call history, geolocation, and audio recordings. This information can be used by cybercriminals to launch more targeted attacks or sell stolen data on the black market.

Developers of the Brokewell Trojan do not hide their identity and have even created a repository called Brokewell Cyber Labs. This malware is likely promoted in underground channels, attracting other cybercriminals’ interest. The source code includes the Brokewell Android Loader tool, designed to bypass Android 13+ restrictions on side-loading applications.

Experts believe that this malware family has been active for at least two years and may pose a significant risk to clients of financial institutions. These malware families are challenging to detect as they often use evasive techniques such as polymorphism or obfuscation to avoid detection by antivirus software. As more actors gain the ability to bypass Android restrictions, mobile malware is becoming more common in the threat landscape.

Users of Android devices should avoid installing apps or updates from untrusted or unknown sources. Antivirus software should also be installed on all devices to detect malicious software and prevent it from infecting the device.

In conclusion, Brokewell is a dangerous Trojan that poses a significant threat to mobile banking users around the world. As its developers continue to extend this malware family and evade the detection methods used by antivirus software companies like ThreatFabric, it becomes increasingly important for individuals and organizations alike to take proactive measures to protect their digital assets from threats such as this Trojan.
