Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Brokewell Trojan Strikes Via Chrome Update

April 25, 2024
Reading Time: 3 mins read
in Alerts
Brokewell Trojan Strikes Via Chrome Update

Security researchers have recently identified a new Android banking trojan named Brokewell, capable of capturing a wide range of user activities on infected devices. The malware exploits user interactions by mimicking legitimate login screens to steal credentials and using its own WebView to intercept cookies, alongside capturing taps, swipes, and text inputs. This allows Brokewell to collect extensive data from the device, including call logs, physical location, and even audio through the device’s microphone. The trojan is delivered to users through a deceptive notification for a Google Chrome update while browsing, making it a potent threat given Chrome‘s widespread usage.

Brokewell’s capabilities extend beyond mere data theft to comprehensive device control. Attackers can remotely view the device’s screen, execute touch and swipe gestures, click on specific screen elements, and manipulate device settings such as brightness and volume. These features enable attackers to take over the device without physical access, facilitating fraud and other malicious activities directly from the victim’s device. This level of access effectively bypasses traditional security measures aimed at detecting fraudulent transactions.

The development and distribution of Brokewell are credited to a threat actor known by the alias Baron Samedit. Samedit has been active for at least two years, developing tools like the “Brokewell Android Loader,” which is used by multiple cybercriminals. This loader is particularly notorious for bypassing restrictions introduced in Android 13 that are meant to curb the abuse of Accessibility Services by side-loaded apps (APKs), highlighting a significant vulnerability in Android’s security framework.

As Brokewell continues to evolve, security experts anticipate its further refinement and distribution in the cybercrime community as part of a malware-as-a-service (MaaS) operation. This points to a growing trend of sophisticated malware tools being offered on underground forums, allowing a wider range of cybercriminals to engage in fraud and data theft. Users are advised to protect themselves from such threats by only downloading apps or updates from reputable sources like the Google Play Store and ensuring that Google Play Protect is enabled on their devices at all times.

Reference:
  • Brokewell Banking Trojan Targets Androids Via Fake Chrome Update

Tags: AndroidApril 2024BrokewellCHROMECyber AlertCyber Alerts 2024Cyber RiskCyber threatWebView
ADVERTISEMENT

Related Posts

FBI Issues Warning on Spoofed IC3 Website

FBI Issues Warning on Spoofed IC3 Website

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

Infostealer Hits macOS Users Widely

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

SonicWall Warns Reset After Exposure

September 22, 2025
Steganography Cloud C2 In Modular Chain

Steganography Cloud C2 In Modular Chain

September 19, 2025
Steganography Cloud C2 In Modular Chain

Fake Empire Targets Crypto With AMOS

September 19, 2025
Steganography Cloud C2 In Modular Chain

SEO Poisoning Hits Chinese Users

September 19, 2025

Latest Alerts

SonicWall Warns Reset After Exposure

Infostealer Hits macOS Users Widely

FBI Issues Warning on Spoofed IC3 Website

Steganography Cloud C2 In Modular Chain

Fake Empire Targets Crypto With AMOS

SEO Poisoning Hits Chinese Users

Subscribe to our newsletter

    Latest Incidents

    Steam Game Steals Streamer Donations

    Ransomware Gang Hacks Spartanburg County

    Cyberattack Hits Europe Airport Systems

    Russian Hackers Hit Polish Hospitals

    New York Blood Center Data Breach

    Tiffany Data Breach Hits Thousands

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial