Despite the tireless work of the main technology companies to guarantee our security, we frequently hear about different threats that can affect our devices, from malware to steal money from those affected to applications capable of recording our conversations without us realizing it.
Everything seems to indicate that there is a new Trojan in circulation that aims to obtain the banking details of Android users. The Trojan we are talking about today is called Brokewell and is capable of collecting information from the user’s mobile phone, going completely unnoticed.
Trojan impersonates Chrome update page
This time, scammers trick users with a website that pretends to be the Google Chrome update page. Once on this page, it indicates that there is a pending update that we must install. If we fall into the trap, by clicking on the download link we will actually be downloading a fraudulent APK containing a dangerous banking Trojan.
A group of security researchers has discovered that the Trojan we are talking about is capable of collect all types of device data, such as call history or location, in addition to being able to record the mobile screen and audio. As it collects all this information, it sends it to a server from which attackers can consult it.
In order to run, Brokewell tricks the user with a fake menu in which requests that we enter the mobile lock code. Even though the user thinks they are entering the code to install the browser update, they will actually be providing their blocking code to the creators of the Trojan.
Everything the user does will be recorded, so this is an extremely dangerous Trojan. Since all user information is sent to the attackers’ servers, when entering banking applications we will be providing our access codes, which highlights the magnitude of the threat.
Taking into account the details of the fake menu in which the device’s lock code is requested, everything seems to indicate that the Trojan we are talking about is aimed at Android users in Germany. Even so, it is important to be aware of its operation and take extreme precautionssince it is possible that it will spread to other countries.
Cover image | Microsoft Designer Image Creator
Via | The Cyber Express