Security researchers have just warned about a type of malware that steals bank money and fakes Chrome browser update notification windows.
The bank-stealing malware, dubbed Brokewell, can steal user data, track and even allow attackers to have full remote access to Android devices .
Be careful with Chrome browser update notifications
“Brokewell poses a significant threat to the banking industry, providing attackers with remote access to mobile banking apps,” Dutch security firm ThreatFabric said in a published analysis recently.
The malware is equipped with data theft and remote control capabilities, gaining access to victims' Android devices by tricking them into installing Brokewell malware on the phone.
According to researchers, the bank-stealing malware is disguised as a new update of Google Chrome, even using a similar design to the Chrome installation prompt.
Once a user downloads it, Brokewell creates a screen overlay in front of whatever app you're using to steal login credentials, steal session cookies, and even type or click on the phone screen to get money from a compromised device.
Brokewell appears to be under active development and is updated regularly, ThreatFabric said.
Malware steals bank money.
The malware was developed by a hacker named Baron Samedit Marais.
“We anticipate this malware will evolve further,” the company said. Brokewell will likely be advertised on underground channels as a rental service, attracting the interest of other cybercriminals and sparking new campaigns targeting different regions.”
How to limit losing money at the bank
Malware on Android is not uncommon. Just earlier this month, hackers were discovered inserting scripts into websites to display fake Chrome update errors to infect malware.
To limit losing bank money due to malware, the first and most important thing you need to pay attention to is not downloading unfamiliar applications.
Next is to enable the Google Play Protect feature in Google Play to stay protected from malware.
Finally, use reliable anti-virus solutions.