Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Brokewell Trojan Strikes Via Chrome Update

April 25, 2024
Reading Time: 3 mins read
in Alerts
Brokewell Trojan Strikes Via Chrome Update

Security researchers have recently identified a new Android banking trojan named Brokewell, capable of capturing a wide range of user activities on infected devices. The malware exploits user interactions by mimicking legitimate login screens to steal credentials and using its own WebView to intercept cookies, alongside capturing taps, swipes, and text inputs. This allows Brokewell to collect extensive data from the device, including call logs, physical location, and even audio through the device’s microphone. The trojan is delivered to users through a deceptive notification for a Google Chrome update while browsing, making it a potent threat given Chrome‘s widespread usage.

Brokewell’s capabilities extend beyond mere data theft to comprehensive device control. Attackers can remotely view the device’s screen, execute touch and swipe gestures, click on specific screen elements, and manipulate device settings such as brightness and volume. These features enable attackers to take over the device without physical access, facilitating fraud and other malicious activities directly from the victim’s device. This level of access effectively bypasses traditional security measures aimed at detecting fraudulent transactions.

The development and distribution of Brokewell are credited to a threat actor known by the alias Baron Samedit. Samedit has been active for at least two years, developing tools like the “Brokewell Android Loader,” which is used by multiple cybercriminals. This loader is particularly notorious for bypassing restrictions introduced in Android 13 that are meant to curb the abuse of Accessibility Services by side-loaded apps (APKs), highlighting a significant vulnerability in Android’s security framework.

As Brokewell continues to evolve, security experts anticipate its further refinement and distribution in the cybercrime community as part of a malware-as-a-service (MaaS) operation. This points to a growing trend of sophisticated malware tools being offered on underground forums, allowing a wider range of cybercriminals to engage in fraud and data theft. Users are advised to protect themselves from such threats by only downloading apps or updates from reputable sources like the Google Play Store and ensuring that Google Play Protect is enabled on their devices at all times.

Reference:
  • Brokewell Banking Trojan Targets Androids Via Fake Chrome Update

Tags: AndroidApril 2024BrokewellCHROMECyber AlertCyber Alerts 2024Cyber RiskCyber threatWebView
ADVERTISEMENT

Related Posts

Sitecore Exploit Chain Warning

High Risk SQLi In WordPress Plugin

September 2, 2025
Sitecore Exploit Chain Warning

Sitecore Exploit Chain Warning

September 2, 2025
Sitecore Exploit Chain Warning

AI Weaponized Nx Supply Chain Attack

September 2, 2025
North Korea APT37 Uses RokRAT In Phishing

North Korea APT37 Uses RokRAT In Phishing

September 1, 2025
North Korea APT37 Uses RokRAT In Phishing

Brokewell Android Malware In Fake Ads

September 1, 2025
North Korea APT37 Uses RokRAT In Phishing

New Zero Click Exploit Targets WhatsApp

September 1, 2025

Latest Alerts

High Risk SQLi In WordPress Plugin

AI Weaponized Nx Supply Chain Attack

Sitecore Exploit Chain Warning

Brokewell Android Malware In Fake Ads

North Korea APT37 Uses RokRAT In Phishing

New Zero Click Exploit Targets WhatsApp

Subscribe to our newsletter

    Latest Incidents

    Lotte Card Cyberattack Reported

    Von Der Leyen Plane GPS Jamming

    Zscaler Data Breach Exposes Info

    Google Warns Salesloft Breach Hit Accounts

    Fraudster Stole Millions From Baltimore

    MathWorks Confirms Cyberattack Data Stolen

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial