Disguised as browser update, stealing banking information, Brokewell Trojan virus

As reported by ThreatFabric on April 25th, Information has been released about “Brokewell,” a Trojan-style malware that masquerades as an update to Android users' browsers like Chrome, allowing hackers to take control of phones within range. and take away your important data.

The malware's functionality involves displaying fake update pages designed to install shady Android applications. To trick people into downloading and installing this malware on mobile phones. which ThreatFabric analysts It has been revealed that this malware has never been discovered before and has a wide range of capabilities. A retrospective analysis revealed that it was targeting financial services in Austria.

Tracking and analysis of this malware have revealed that Brokewell is being sold by a hacker named "Baron Samedi" who is selling the malware along with other suspicious tools through Operating in the shadows online, the so-called "Brokewell Cyber ​​Labs" has had its website for at least a few years. Researchers also discovered another utility they created called "Brokewell Android Loader," which helps cybercriminals circumvent Android 13's restrictions on installing malware.

More seriously, analysts warn that the ability to bypass Android 13+'s restrictions could become widespread among cybercriminals. The same goes for reading SMS messages that are ubiquitous for mobile malware. Circumventing operating system security measures may become the new norm.

The emergence of this new malware may cause widespread damage if an unknowing person installs this malware. Therefore, a multi-layered protection approach has been developed to protect against malware like Brokewell most effectively.