Recently, a fake Chrome update has been targeting Android users, putting their devices and accounts at risk. This new malware called Brokewell comes with extensive device takeover capabilities and is being disguised as a legitimate Chrome update. Despite its innocent appearance, the malware can access banking apps and even take over users’ devices. The malware is still under development, with new commands being added daily, making it a serious threat to Android users.
The malware is able to capture login details by creating an overlay screen in front of real apps and stealing session cookies. This allows it to bypass multi-factor authentication and gain access to sensitive information on the compromised device. Brokewell’s dropper bypasses Android’s accessibility protections, making it difficult for users to detect and prevent the malware from infecting their devices. This poses a significant challenge for fraud detection tools that rely on device identification or fingerprinting to detect malicious activity.
Threat Fabric warns that the wider distribution of the new dropper behind this attack will increase the threat landscape, as more cyber criminals gain the capability to bypass Android restrictions. The ongoing demand for such capabilities among cyber criminals highlights the need for increased vigilance among Android users. Users are advised to stick to official app stores, check developer information and reviews before installing apps, and avoid granting unnecessary permissions to apps.
While Google Play Protect can protect against known versions of this malware, users are still encouraged to follow best practices for app and update installations. This includes avoiding third-party app stores, being cautious about granting app permissions, and refraining from clicking on links in emails or messages that directly download apps or updates. By following these precautions, Android users can reduce their risk of falling victim to malicious attacks like the fake Chrome update disguised as Brokewell malware.
Overall, the threat posed by the Brokewell malware highlights the importance of maintaining awareness and vigilance when installing apps and updates on Android devices. With cyber criminals constantly evolving their tactics to bypass security measures, it is crucial for users to stay informed and cautious to protect their personal information and devices from malicious attacks. By following recommended security practices and being cautious about the sources of apps and updates, Android users can reduce their risk of falling victim to malware attacks like Brokewell.
