It seems like a legitimate update of the most used browser in the world, but in reality it is the dropper of a very dangerous virus called Brokewell
One of golden rules of online safety is that of always update the operating system and apps on all devices you use. But, paradoxically, just by updating an app you can risk a lot, even a hacker attack on your own Bank account complete with theft of money.
And we’re talking about important apps, used by practically everyone, like Chrome for Android: Threat Fabric researchers, in fact, found a fake Chrome update which, in reality, downloads a very dangerous virus, the so-called banking trojan, onto your phone or tablet Brokewell.
The fake Chrome update
As always, cybercriminals exploit the phishing (i.e. deception and counterfeiting) to trick users into downloading malicious software. In the case of Brokewellfor example, the user stumbles upon a web page that imitates the official Chrome advertisementbut which does not limit itself to suggesting the installation: it explicitly asks for it, saying that theupdate is necessary.
The user believes he is faced with an official message from Chrome, which is a Google app and therefore more than safe. But this is not really the case: if the victim agrees to download and install the fake update, he actually downloads the “dropper” by Brokewell, that is, a software that in turn secretly download the virus.
Because Brokewell is extremely dangerous
Brokewell it’s a Latest generation banking trojanreally dangerous because it manages to climb over the security restrictions introduced with Android 13 (and also present in Android 14). In particular, without the user actively granting them, the malware manages to obtain authorization to use them Android accessibility features.
These functions are usually used by apps for the visually impaired and allow the app (in this case the virus) to read the screen. In the case of apps for disabled people, this serves, for example, to allow the software to read what is displayed for the user.
But in the case of the virus these functions are used to read everything the user is viewing and, above all, what he is writing. For example the username and the password of the online current account.
But also social media, email and any other online service the user is using. Brokewell, then, is one spy tool complete and highly effective, which operates secretly and can cause very serious damage to its victims. Cheap, certainly, but not only.
How to defend yourself from Brokewell
The danger of Brokewell, therefore, is really high and defending yourself is not at all easy. Android 13 and 14’s blocking of accessibility features for apps downloaded outside of the Play Store doesn’t work, so the user can’t rely on this filter.
The only way to defend oneself from the Brokewell banking trojan, therefore, is to lend the maximum attention what you download and whether or not the download passes official Google store.
In fact, the same malware has in the past been distributed via fake updates of other apps such as ID Austria and Klarna, which in any case they were not distributed via the Play Store.
