BUSINESS

Urgent Android user warning over bug that can empty your bank account | Tech News

×

Urgent Android user warning over bug that can empty your bank account | Tech News

Share this article
Urgent Android user warning over bug that can empty your bank account | Tech News


The Chrome browser is popular with Android users (Picture: Getty)

Android owners who use the Chrome app for browsing online have been warned about a new type of malware that could empty their bank accounts.

The new bug, called Brokewell, is disguised as an update for the app. However, when downloaded, it allows cybercriminals to not only access personal data, but also take over the entire phone – potentially allowing them access to banking apps.

Screenshots provided by ThreatFabric, which discovered the bug, show how difficult it is to spot the fraud.

The team is warning Android users to be on alert, and only download updates from official sources, such as through the Google Play store.

They added that Brokewell is a ‘significant threat to the banking industry’.

‘Our Threat Intelligence shows that device takeover capabilities remain crucial for any modern banking malware family, and new players entering the landscape are no exception,’ the team said on its website. 

The official Chrome update, left, and fake update from Brokewell, right

‘Thus, it comes as no surprise that ThreatFabric analysts recently discovered a new mobile malware family, “Brokewell”, with an extensive set of device takeover capabilities.

‘Brokewell uses overlay attacks, a common technique for Android banking malware, where it overlays a bogus screen on a targeted application to capture user credentials.

‘After stealing the credentials, the actors can initiate a device takeover attack using remote control capabilities.’

Once downloaded, Brokewell allows whoever has taken over the device to perform a range of actions, such as touches, swipes, and clicks on specified elements.

The arrival of Brokewell marks a move away from launching dodgy apps to try to hack people’s phones, something cybercriminals have been doing for years and which more and more users are aware of.

By appearing as a perfectly legitimate update to an existing – and well-known – app, users may not stop to consider what they’re doing before hitting download.

However, with the discovery of Brokewell, it is even more important to take your time and properly consider anything that asks to update your device. If in doubt, ignore an update prompt and update the app manually yourself.


MORE : How to view Instagram Stories anonymously on iPhone and Android


MORE : Google’s treasure trove of hidden games includes a 90s Nokia classic


MORE : Google is considering charging for some of its search results





Source Link Website

Leave a Reply

Your email address will not be published. Required fields are marked *