Security researchers have recently discovered a new banking Trojan targeting the Android platform, which they have named Brokewell. This ingenious malware is capable of recording every user interaction with their device, from touches and displayed information, to text input and app launches.
Android is targeted by the Brokewell malware, which was found by specialists from ThreatFabric, a well-known cyberfraud company, who investigated a fake Google Chrome update page. The malware spreads through this bogus browser update, suggesting users to download an update, while actually installing the Trojan.
Android is the target of Brokewell’s active development, and this indicates increased attention from its creators, who continue to improve and expand its capabilities. Among the main functions of this Trojan are data theft and remote control, which allow attackers to access and manipulate information on infected devices.
Brokewell isn’t limited to stealing credentials by mimicking the login screens of targeted apps. It also uses its own WebView to intercept and extract cookies after users log in to a legitimate site. Moreover, it can access call logs, determine the physical location of the device, capture sounds through the microphone and even take complete control of the infected device.
Android: New very Serious THREAT for Phone Users
Android, targeted by the Brokewell Trojan, is a major threat given the popularity of the operating system and the diversity of applications used. The developer behind Brokewell, known as Baron Samedit, has been active in this field for at least two years, marketing various tools for exploiting compromised accounts.
Interestingly, according to ThreatFabric’s research, Brokewell can bypass restrictions imposed by Android 13 to prevent abuse of the Accessibility Service. This is a problem that has become more and more serious, especially with the emergence of dropper-as-a-service (DaaS) operations, which incorporate these techniques into their custom loaders.
However, security experts point out that despite increased protection efforts, Brokewell’s advanced capabilities make it highly sought after by cybercriminals. They can use the Trojan to commit fraud directly from victims’ devices, bypassing traditional fraud detection systems.
In conclusion, Brokewell once again emphasizes the need for continued vigilance on the part of both Android users and app developers. It demonstrates that security in the digital age is an ongoing process that requires constant updates and adaptation to new threats.
