Security researchers have discovered a new Android banking trojan, which they named Brokewell, that can capture every event on the device.

The malware is delivered through a fake Google Chrome update that is shown while using the web browser.

Researchers at fraud risk company ThreatFabric found Brokewell after investigating a fake Chrome update page that dropped a payload, a common method for tricking unsuspecting users into installing malware.

threatfabric.com/blogs/brokewe


The researchers discovered another tool called "Brokewell Android Loader," also developed by Samedit. The tool was hosted on one of the servers acting as a command and control server for Brokewell, and it is used by multiple cybercriminals.

Tools sold on the threat actor's website

-- ThreatFabric

Interestingly, this loader can bypass the restrictions Google introduced in Android 13 and later to prevent abuse of Accessibility Service for side-loaded apps (APKs).

As highlighted with Brokewell, loaders that bypass restrictions to prevent granting Accessibility Service access to APKs downloaded from shady sources have now become common and widely deployed in the wild.

Advice: ensure that Play Protect is active on your device at all times.
