
SOME malware has disguised itself as a Google Chrome update and can take over your Android.

The new malware, called “Brokewell”, can get around restrictions that would otherwise prevent it from getting into your system.


Usually, Brokewell targets bank account details so the scammer can steal your money.

Dutch security firm ThreatFabric shared an analysis of the new Brokewell malware on Thursday.

"Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," ThreatFabric said. 

Brokewell can be sneaky and cover its tracks.


It can steal cookies from your Android, including your username and password. 

This occurs behind the scenes, and it can get ahold of this information without you even knowing. 

“Brokewell uses overlay attacks, a common technique for Android banking malware, where it overlays a bogus screen on a targeted application to capture user credentials,” ThreatFabric explained.  

“Once the victim completes the login process, Brokewell dumps the session cookies and sends them to the command and control (C2) server.”

Brokewell can also perform accessibility logging, which records every action a user performs on their device.

It picks up on clicks, swipes, websites/apps opened, and inputted text. 


If Brokewell is installed and granted access, it can fully take over your device.

This includes being able to record audio, take screenshots, access call logs, find your location, send messages, make phone calls, or install/uninstall apps.

WHAT TO LOOK OUT FOR


The scammer is looking to get their hands on the perfect combination of information so they can drain your bank account.

The malware will show up as a screen that looks almost identical to a real Google Chrome update. 

It may say something like, “An update is required.”

There will be some sort of “update chrome” button to click on which will install the malware. 

Phone scam statistics

Americans are bombarded with three billion spam phone calls a month. What are the figures regarding the number of victims and the amount of money lost to fraudsters?

  • In 2022, Americans lost some $39.5 billion to phone scams, with 68.4 million US citizens affected, according to TechReport.
  • The average phone scam victim lost $567.41 each in 2021, a major rise on the 2021 figure of $182 per victim, according to Hiya.
  • The majority of scams happen over the phone, with fraudsters twice as likely to call compared to text in 2021, as reported by the Federal Trade Commission (FTC).
  • In 2021, the US saw a 56% increase in spam phone calls with 60% of those being robocalls.
  • US residents experienced an average of 18 spam phone calls per month, although some experts believe the true figure may be as high as 31 per month.
  • Many phone calls from reputable businesses may be marked wrongly as spam, but 38% of companies have no idea whether they’re being marked as “potential fraud” or not, according to Hiya.
  • Never hand over any personal or financial information if you suspect a phone call is a scam. For instance, your bank will never ask you for such details in full over the phone. 
  • To cut down on spam phone calls and scams, sign up for the Do Not Call Registry. Telemarketers, by law, will need to check that list before they call you up.
  • Downloading third-party apps such as Hiya, Nomorobo, or Truecaller can help filter out annoying spam calls.
  • Try not to share your phone number unless you have to, especially online or with sketchy sources.

Once the malware is installed, it may prompt a user to give permission for the accessibility service. 

You don’t want to give an app permission to access anything on your device unless you are sure it is from an official company.

The package name of the fake Google Chrome app carrying Brokewell is “jcwAz.EpLIq.vcAZiUGZpK”.
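One way to check a device for the two signs described above, the package name and an accessibility service granted to an app that did not come from the official store. This is an added example, not code from ThreatFabric or the article. It assumes the usual output formats of the two `adb` commands named in its comments, the sample data is constructed, and the sideloaded-app check is a review heuristic that goes beyond the single package name given here.

```python
# Audit captured output of:
#   adb shell pm list packages -i -3
#   adb shell settings get secure enabled_accessibility_services
IOC_PACKAGES = {"jcwAz.EpLIq.vcAZiUGZpK"}  # package name quoted in the article
PLAY_STORE = "com.android.vending"         # installer recorded for Play Store installs

def parse_packages(pm_output):
    """Map package name -> installer (None if sideloaded) from `pm list packages -i`."""
    packages = {}
    for line in pm_output.splitlines():
        fields = line.strip().split()
        if not fields or not fields[0].startswith("package:"):
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer=") and field != "installer=null":
                installer = field.split("=", 1)[1]
        packages[fields[0][len("package:"):]] = installer
    return packages

def parse_a11y(setting_value):
    """Return packages owning an enabled accessibility service (pkg/class:pkg/class)."""
    value = setting_value.strip()
    if value in ("", "null"):
        return set()
    return {comp.split("/", 1)[0] for comp in value.split(":") if comp}

def audit(pm_output, a11y_value):
    """Return sorted (package, reason) findings that deserve a manual review."""
    packages, a11y = parse_packages(pm_output), parse_a11y(a11y_value)
    findings = []
    for name, installer in packages.items():
        if name in IOC_PACKAGES:
            findings.append((name, "matches package name reported for the fake Chrome update"))
        elif name in a11y and installer != PLAY_STORE:
            findings.append((name, "sideloaded app holds an enabled accessibility service"))
    return sorted(findings)

# Constructed sample output, not taken from a real device.
SAMPLE_PM = """package:com.example.notes  installer=com.android.vending
package:jcwAz.EpLIq.vcAZiUGZpK  installer=null
package:com.example.cleaner  installer=null
package:com.example.reader  installer=com.android.vending"""
SAMPLE_A11Y = "com.example.cleaner/.Svc:com.example.reader/.ReaderService"

if __name__ == "__main__":
    for package, reason in audit(SAMPLE_PM, SAMPLE_A11Y):
        print(f"{package}: {reason}")
```

The genuine Chrome app uses the package name `com.android.chrome`, so an app labelled "Google Chrome" under any other package name is a reason to investigate.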


If you are unsure if a software update is from an official company, wait it out and do research before downloading anything onto your device.

The new Brokewell malware has been described as having an “extensive set of device takeover capabilities.”
