Clicking This Fake Chrome Update Could Drain Your Bank Account and Leak Your Location

Security threat firm ThreatFabric has released details about a new Android-based banking malware called Brokewell. The name refers to the malware’s ability to drain bank accounts, but it can do so much more.

The program is said to be in active deployment as of this article’s writing, and currently masquerades as an update for Google Chrome on Android, even going so far as to very closely mimic the actual ads Google puts out for its browser.

ThreatFabric warns that Brokewell is equipped with both remote-control capabilities and data-stealing functionality. All of that is built right into the malware rather than relying on a cloud connection, making it especially detrimental to your device’s security. Like many other recent Android malware families, Brokewell is also capable of getting around the Google-imposed restrictions meant to keep sideloaded applications from requesting permissions to accessibility services.

Comparison of fake ad that installs Brokewell versus a real Chrome ad

A comparison of a real Google Chrome ad and the fake ad that installs Brokewell on your Android device. Credit: ThreatFabric

Once installed and launched for the first time, Brokewell prompts the infected user to grant permissions for accessibility services. The malware can then automatically grant itself other permissions, giving it open access to carry out a slew of malicious activities, ThreatFabric warns.

So far, Brokewell has been spotted masquerading as three popular applications: Google Chrome, ID Austria, and Klarna. The security firm also warns Brokewell is constantly logging information from all of your apps, making it especially dangerous: It isn’t just your banking that’s at risk, as the malware can also collect information such as call history, geolocation, and recorded audio.

The rise of malware apps like Brokewell does not bode well for the future of Android threats. With more and more bad actors gaining the ability to bypass the restrictions put into place in Android 13, Google will need to find new ways to protect users. Of course, users themselves will also need to be mindful of what they are downloading and sideloading.

Either way, if you’re running an Android phone right now, be careful what you download, and only download applications from trusted sources. Importantly, if a third-party app asks for accessibility permissions, don’t give them to it, as it could provide open access to your device and any data stored on it.

Adblock test (Why?)

Link to original source


دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *

این سایت از اکیسمت برای کاهش هرزنامه استفاده می کند. بیاموزید که چگونه اطلاعات دیدگاه های شما پردازش می‌شوند.