ANDROID users have been warned of a fresh cyber threat that can see everything on their screen before raiding their accounts....CONTINUE READING
The chilling spyware can capture touches, swipes, information displayed, text input, and applications opened, according to experts at ThreatFabric.
They say it poses “a significant threat to the banking industry”.
But this new Android danger doesn’t come via a dubious app as in previous cases.
Malware families like Brokewell pose a significant risk for customers of financial institutions
Instead it’s all executed via a very convincing Chrome alert that is actually fake.
The false notification appears in the popular web browser telling users they need to update.
It has an identical look to an authentic page used by Google with the logo and familiar font.
But clicking the button allows secret malware onto your device allowing hackers to take over, researchers say.
Once invaders are in, they can capture taps and text inputs, stealing sensitive data used to access accounts, it’s claimed.
Bad actors can apparently find out the physical location of the device and captures audio using from the microphone too.
The malware has been called Brokewell and is said to be in “active development, with new commands added almost daily”.
“Brokewell will likely be promoted on underground channels as a rental service, attracting the interest of other cybercriminals and sparking new campaigns targeting different regions,” ThreatFabric said.
“Malware families like Brokewell pose a significant risk for customers of financial institutions, leading to successful fraud cases that are hard to detect without proper fraud detection measures.”
Billions of Android and iPhone owners warned over ‘scan attack’ that raids your bank with a piece of paper.
To avoid falling foul of scams like Brokewell users should always check the source of downloads and alerts.
Does it go to an authentic web page with a Google address or is it a random one? If it’s random, it’s probably not genuine.
Hackers also like to rely on urgency in their messaging, designed to trick people into making rash decisions without taking the time to think.
Fraudsters sometimes make simple spelling and grammar errors too, so that’s something to look out for.
When downloading apps, it’s always safest to do so via official stores like Google Play or Samsung’s Galaxy Store..<<CONTINUE READING>>
