They discover a banking Trojan on Android that disguises itself as a Chrome update

NinFan

They discover a banking Trojan on Android that disguises itself as a Chrome update

Android, Banking, Chrome, Discover, disguises, Trojan, update

Despite the tireless work of major technology companies to guarantee our security, we frequently hear about different threats that can affect our devices, since malware to steal money from the people concerned to applications capable of recording our conversations without us realizing it.

Everything seems to indicate that there is a new Trojan horse in circulation which aims to get banking details of android users. The Trojan we are talking about today is called Brokewell and is capable of collecting information from the user’s mobile phone, going completely unnoticed.

Trojan impersonates Chrome update page

This time, scammers are fooling users with a website that pretends to be the Google Chrome update page. Once on this page, it indicates that there is a pending update that we need to install. If we fall into the trap, clicking on the download link will actually download a fraudulent APK containing a dangerous banking Trojan.

Android 15 against malware: it will further protect dangerous accessibility permissions

A group of security researchers discovered that the Trojan we are talking about is capable of collect all types of data on devices, such as call history or location, in addition to being able to record the screen and audio of the mobile. As it collects all this information, it sends it to a server where attackers can view it.

To work, Brokewell tricks the user with a fake menu in which asks us to enter the mobile lock code. Even if the user thinks they are entering the code to install the browser update, they are actually providing their blocking code to the Trojan creators.

Everything the user does will be recorded, so it is an extremely dangerous Trojan. Since all user information is sent to the attackers’ servers, when accessing banking applications we will provide our access codes, which highlights the scale of the threat.

Considering the details of the fake menu in which the device lock code is requested, everything seems to indicate that the Trojan we are talking about is aimed at Android users in Germany. However, it is important to be aware of how it works and take extreme precautionsbecause it is possible that it could spread to other countries.

Cover image | Microsoft Designer Image Creator

By | The Cyber ​​Express

In Xataka Android | My Android has a virus: tips to avoid malicious apps and how to remove them

Leave a Comment