Skip to content

A newly discovered Android malware strain named “Brokewell” poses a significant risk to mobile device users. Disguised as legitimate software updates for popular apps like Google Chrome, Brokewell tricks users into granting it extensive permissions, allowing the malware to steal sensitive data and even remotely control an infected device. 

Understanding the Threat 

Brokewell belongs to the category of malware known as Remote Access Trojans (RATs). RATs provide attackers with a backdoor into infected devices, allowing them to: 

  • Steal sensitive data: Access login credentials, banking information, and personal details. 
  • Monitor device activity: Track keystrokes, view screenshots, and intercept text messages. 
  • Remotely control the device: Initiate actions such as making phone calls or sending messages. 

How Brokewell Spreads 

Brokewell primarily spreads through fake software updates, often masquerading as updates for Google Chrome or popular financial apps. These fake updates are distributed through malicious websites or phishing campaigns. Once installed, Brokewell abuses Android’s accessibility features to gain the permissions it needs to carry out its malicious activities. 

Image source: www.threatfabric.com 

Protecting Yourself from Brokewell 

To avoid falling victim to Brokewell and other similar malware threats, follow these essential security practices: 

  • Stick to official app stores: Download apps only from trusted sources like the Google Play Store. 
  • Be cautious with software updates: Verify the authenticity of any software update prompts, especially those received outside of the official app store. If in doubt, visit the app developer’s website directly to download updates. 
  • Review permissions carefully: Before installing any app, pay attention to the permissions it requests. Avoid granting unnecessary or overly intrusive permissions. 
  • Use robust mobile security software: Install a reputable mobile antivirus solution to help detect and block malware threats. 
  • Keep your device updated: Ensure your Android device is running the latest security patches. 

By following these basic guidelines, you can significantly reduce your risk of falling victim to this dangerous Android malware. 

You can also read more on keeping mobile decides safe and secure at our website and our Guide to Mobile Malware  

Additional information: