JAKARTA - Hackers have released new malware called 'Brokewell' aimed at stealing Android users' bank account information. Security researchers warn that the hackers are currently targeting Android users.
The Brokewell trojan currently poses as an update for Google Chrome on Android, sometimes even posing as a Google ad for the update.
Even worse, according to the security team's report, Brokewell 'seems to be in active development, with new commands added almost every day.'
The malware kit also includes a suite of 'spyware' tools that can secretly monitor and remotely control Android users' mobile devices.
"It can gather information about the device, call history, geographic location, and record audio," security researchers warned of the dangers of the malware.
Security researchers at ThreatFabric first identified Brokewell through the hackers' fake ads for Google Chrome updates, but their 'retrospective analysis' found previous hacking campaigns using this malware.
The malware is also targeting Klarna, a popular 'buy now, pay later' financial app, and Austrian ID, an official digital authentication service created by the Austrian national government.
Brokewell, according to ThreatFabric, uses two tactics that are increasingly common among similar mobile banking malware. First, it carries out 'overlay attacks,' which create fake screens on top of targeted banking applications to steal users' login credentials as they enter them.
Second, Brokewell steals 'session cookies' used by banking apps, so hackers can later bypass security measures such as two-factor authentication.
Session cookies are temporary cookies removed from the device after the user closes the browser. By stealing them, hackers can insert them into a new web session and essentially impersonate the legitimate user without having to prove their identity.
According to the researchers, Brokewell's advanced hacking tools increase the likelihood that other hackers will soon incorporate its ability to bypass security measures on devices running Android 13 or higher.
The hackers brazenly host a repository for their code under the name 'Brokewell Cyber Labs' and the author name 'Baron Samedit.' The name is a play on words on Baron Samedi, a figure from Haitian voodoo culture who is well known through the James Bond villain in the 1973 film Live and Let Die.