Security researchers are issuing an urgent alert about a new malware attack that’s targeting Android users’ bank accounts.
The malware, which has been nicknamed “Brokewell,” takes the form of a fake Google Chrome browser update webpage that mimics Google’s own messaging style, reports ThreatFabric.
When users are directed to the page, they see a message stating that Chrome needs to be updated.
If users fall for the fake ad, criminals gain full control of the device, allowing them to capture banking credentials as they’re entered on screen as well as record audio, collect information about the device, access call history and track geolocation data.
“The analysis of the samples revealed that Brokewell poses a significant threat to the banking industry, providing attackers with remote access to all assets available through mobile banking. The Trojan appears to be in active development, with new commands added almost daily.”
Source: ThreatFabric / Fake Ad Depicted on Right
ThreatFabric says its analysis shows the malicious application is a previously unknown malware family with a wide range of capabilities.
“Brokewell is equipped with “accessibility logging,” capturing every event happening on the device: touches, swipes, information displayed, text input, and applications opened. All actions are logged and sent to the command-and-control server, effectively stealing any confidential data displayed or entered on the compromised device…
Malware families like Brokewell pose a significant risk for customers of financial institutions, leading to successful fraud cases that are hard to detect without proper fraud detection measures. We believe that only a comprehensive, multi-layered fraud detection solution—based on a combination of indicators, including device, behavior, and identity risks for each customer—can effectively identify and prevent potential fraud from malware families like the newly discovered Brokewell.”
The Federal Trade Commission (FTC) has released a set of guidelines on how to avoid malware attacks.
Among other things, the agency recommends that people download well-known software directly from the source, avoid clicking potentially suspicious links, ignore pop ups, read browser security alerts and scan devices for malicious activity.
Generated Image: Midjourney
Read the full article here