[SECURITY ALERT] DON'T Click The FAKE Chrome Update!!!
NOT to unduly raise alarms BUT I have to, after I stumbled across a SECURITY ALERT from security threat firm ThreatFabric about a new Android-based banking malware called BROKEWELL. Yes, that sounds correct. The name refers to the malware's ability to drain your bank account [!!!!] BUT the security bulletins are alerting us that it can do much more than that. BTW, in today's breaking news, even Singapore and Hong Kong authorities have joined forces in foiling a $370,000 scam. BTW, DON'T Click The FAKE Chrome Update!!!
ThreatFabric warns that BROKEWELL is equipped with both remote-controlled capabilities and data-stealing functionality. All of that is built right into the MALWARE rather than relying on a cloud connection, making it especially detrimental to one's device security. This alert CAN'T be ignored.
This potential threat has also taken an extra step of circumventing Google's imposed restrictions that are meant to keep sideloaded applications from requesting permissions to accessibility services. The alarm bells will kickstart once BROKEWELL has been conspicuously installed and launched for the first time as it will prompt the infected end-user to grant permissions for accessibility services. From there, the malware can automatically grant itself other permissions, giving it OPEN ACCESS, whew.
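One way to check a device for the pattern described above (a sideloaded app holding an accessibility service), as an added example that is not from ThreatFabric or the original post. It parses the text output of two adb commands named in the comments; the sample output, the package names in it and the trusted-installer list are constructed assumptions.

```python
# Added example: flag apps that hold an enabled accessibility service but were
# not installed by a trusted store. Inputs are the text output of:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: Google Play only

def parse_accessibility(raw):
    """Return package names from colon-separated 'pkg/service' components."""
    raw = raw.strip()
    if not raw or raw == "null":  # nothing enabled
        return set()
    return {c.split("/", 1)[0] for c in raw.split(":") if c}

def parse_installers(raw):
    """Map package -> installer from 'package:<pkg>  installer=<src>' lines."""
    result = {}
    for line in raw.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        pkg, _, inst = line[len("package:"):].partition("installer=")
        result[pkg.strip()] = inst.strip() or "null"
    return result

def sideloaded_accessibility(acc_raw, pkg_raw):
    """List (package, installer) pairs that deserve a manual review."""
    installers = parse_installers(pkg_raw)
    flagged = []
    for pkg in sorted(parse_accessibility(acc_raw)):
        inst = installers.get(pkg, "unknown")
        if inst not in TRUSTED_INSTALLERS:
            flagged.append((pkg, inst))
    return flagged

# Constructed sample output (hypothetical package names).
SAMPLE_ACC = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.fakeupdate/com.example.fakeupdate.Svc"
)
SAMPLE_PKGS = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.fakeupdate  installer=null
package:com.example.notes  installer=com.android.vending
"""

if __name__ == "__main__":
    for pkg, inst in sideloaded_accessibility(SAMPLE_ACC, SAMPLE_PKGS):
        print(f"REVIEW: {pkg} has an accessibility service (installer={inst})")
```

Preinstalled system apps can also report a null installer, so a flagged entry is a candidate for review, not proof of infection.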
Now, this is earthshaking BREAKING NEWS. BROKEWELL has been spotted masquerading as any of these three popular applications: Google Chrome, ID Austria and Klarna. We are also warned that BROKEWELL is constantly logging information from all of your applications, making it especially dangerous. And it ISN'T just your own banking applications that are at risk, as the MALWARE can also collect information such as call history, geolocation and even recorded audio. Frightening, in fact: the rise of MALWARE apps like BROKEWELL does NOT bode well for the future of Android threats. What makes this fresh BREAKING NEWS is that this MALWARE is in active deployment even as it mimics actual Google ads.
Our takeaway: Constant monitoring of the threat landscape allows us to spot new threats and take immediate action, albeit reactively. Security analysts cannot overstate this very serious threat of BROKEWELL as it threatens with its DEVICE TAKEOVER capabilities. Samples revealed that BROKEWELL poses a significant threat to everyone as it gives these attackers remote access to all assets available all over the landscape. As a layman, here are the most BASIC DON'Ts I won't get tired of cascading: Be wary of every call, message, app and link that gets into your device because, by default, anything unknown OR unexpected is a threat to your device security.