A Deceptive Trojan: Brokewell Masquerading as a Chrome Update to Pilfer Accounts and Banking Information

Brokewell: The New Malware Threat to the Banking Industry and How to Protect Yourself

A new threat to the banking industry has emerged with the discovery of a Trojan known as Brokewell, which poses as an update to Chrome on Android devices. This malware is designed to give cybercriminals remote access to mobile banking assets through overlay attacks and the theft of session cookies.

The Brokewell Trojan is under active development by cybercriminals, who deliver the banking malware through a fake download page that resembles the legitimate browser page. Once downloaded, the malware captures user credentials through overlay attacks and sends them to a command-and-control server. It also transmits the device's screen to the server, which allows the cybercriminals to launch attacks that take control of the device.

Researchers have noted that Brokewell has an accessibility log that captures every event on the device, including keystrokes, application information, and activities. In addition to monitoring victims’ activity, the Trojan can collect device information, call history, geolocation, and record audio, among other spyware functionalities.

The developers of Brokewell do not conceal their identity, indicating that this malware may be distributed through clandestine channels that could attract other cybercriminals. The source code for Brokewell Android Loader is also included in the repository, providing a tool for bypassing Android 13+ restrictions in side-loading applications.

Experts anticipate a significant impact on the threat landscape with more actors gaining the ability to bypass these restrictions, potentially becoming a common feature among mobile malware families. The developers of Brokewell have been active for at least two years and have previously provided tools to other cybercriminals for checking stolen accounts from multiple services.

Researchers warn that malware families like Brokewell pose a substantial risk to clients of financial institutions, leading to successful fraud cases that are challenging to detect without appropriate measures in place.

In conclusion, it is crucial for individuals and organizations alike to take necessary precautions against such threats and ensure they are using secure software on their devices at all times.
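A defensive check for the accessibility abuse and side-loading described above, as an added example that is not from the original article or the researchers: it flags packages that hold an enabled accessibility service but are neither system packages nor installed by a trusted store. The package names and sample outputs are constructed, the trusted-installer list is an assumption, and the inputs are the text printed by `adb shell pm list packages -i`, `adb shell pm list packages -s` and `adb shell settings get secure enabled_accessibility_services`.

```python
import re

# Assumption: only Google Play counts as a trusted installer; adjust per policy.
TRUSTED_INSTALLERS = {"com.android.vending"}

def parse_installers(pm_i_output):
    """Map package -> installer from `pm list packages -i` output."""
    installers = {}
    for line in pm_i_output.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            installers[m.group(1)] = None if m.group(2) == "null" else m.group(2)
    return installers

def parse_packages(pm_output):
    """Package names from plain `pm list packages -s` output."""
    return {l.strip()[8:] for l in pm_output.splitlines() if l.strip().startswith("package:")}

def parse_accessibility(setting_value):
    """Packages named in the colon-separated enabled_accessibility_services value."""
    value = setting_value.strip()
    if not value or value == "null":
        return set()
    return {comp.split("/", 1)[0] for comp in value.split(":") if comp}

def flag_sideloaded_accessibility(pm_i_output, pm_s_output, setting_value):
    """Return (package, installer) for enabled accessibility services that are
    neither system packages nor installed by a trusted store."""
    installers = parse_installers(pm_i_output)
    system = parse_packages(pm_s_output)
    return [(pkg, installers.get(pkg))
            for pkg in sorted(parse_accessibility(setting_value))
            if pkg not in system and installers.get(pkg) not in TRUSTED_INSTALLERS]

# Constructed sample outputs (hypothetical package names).
SAMPLE_PM_I = """\
package:com.android.chrome  installer=com.android.vending
package:com.google.android.marvin.talkback  installer=null
package:com.example.browserupdate  installer=com.example.loader
package:com.example.passwords  installer=com.android.vending
"""
SAMPLE_PM_S = "package:com.android.chrome\npackage:com.google.android.marvin.talkback\n"
SAMPLE_A11Y = ("com.google.android.marvin.talkback/.TalkBackService:"
               "com.example.browserupdate/.LogService:"
               "com.example.passwords/.FillService")

if __name__ == "__main__":
    for pkg, installer in flag_sideloaded_accessibility(SAMPLE_PM_I, SAMPLE_PM_S, SAMPLE_A11Y):
        print(f"review: {pkg} (installer={installer})")
```

Hits are items to triage rather than verdicts, since legitimate accessibility tools are sometimes installed outside a store.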
