German Users Targeted by Android Banking Trojan

Published:

spot_img

Android Banking Trojan “Brokewell” Disguised as Official Chrome Update Page: CRIL Researchers

Researchers at CRIL have uncovered a new android banking trojan called ‘Brokewell’ that is being spread through a phishing site posing as the official Chrome update page. This malicious trojan is equipped with dangerous functionalities like screen recording, keylogging, and over 50 remote commands.

Further investigation led the researchers back to the developer behind the trojan, who boasted about its ability to bypass permission restrictions on the latest Android operating system versions. The trojan was traced back to a domain named “hxxp://makingitorut[.]com,” masquerading as the Chrome update website.

Once users are lured to download the supposed Chrome update, they unwittingly download the malicious APK file “Chrome.apk” onto their devices. This file contains the powerful android banking trojan, capable of executing various remote commands like collecting telephony data, call history, location tracking, and screen recording.

The trojan is connected to a remote command and control server operating through the domain “mi6[.]operationanonrecoil[.]ru.” Through a git repository, researchers discovered that the trojan can bypass permission-based restrictions on Android versions 13, 14, and 15.

While the current version of the Brokewell Banking Trojan is basic, utilizing screen overlay attacks and keylogging, researchers warn that future iterations may include more sophisticated features. The trojan also employs tactics to detect rooted devices before executing and uses German localization to prompt users to input their device PIN.

With the prospect of international expansion and continuous development, the threat of android banking trojans like ‘Brokewell’ highlights the importance of staying vigilant against cybercriminal activities and the need for ongoing monitoring and defense measures.

spot_img

Related articles

Recent articles

NSU Launches Cybersecurity Center to Enhance Research and Workforce Development in Bangladesh

North South University (NSU) has inaugurated its Cybersecurity Center to advance research, develop skilled professionals, and strengthen Bangladesh's resilience against emerging cyber threats. This...

Siemens ROX II Switches Vulnerable: Update to Firmware V2.17.1 to Mitigate CVE-2025-40948, CVE-2025-40947, and CVE-2025-40949 Exploits

Siemens has issued an advisory regarding three critical zero-day vulnerabilities (CVE-2025-40948, CVE-2025-40947, and CVE-2025-40949) affecting its ROX II operational technology (OT) switches. These vulnerabilities...

UK Regulator Launches Investigation into TikTok Age Verification Amid Strengthened Child Safety Measures

UK Regulator Launches Investigation into TikTok Age Verification Amid Strengthened Child Safety Measures The UK's communications regulator, Ofcom, has initiated a formal investigation into TikTok's...

Legacy Systems, Real-World Risks: Navigating the Challenges of OT Security

Legacy Systems, Real-World Risks: Navigating the Challenges of OT Security Operational Technology (OT) security presents unique challenges that differ significantly from traditional Information Technology (IT)...