BleepingComputer reports that data on Android devices could be compromised and possibly hijacked in attacks with the new Brokewell banking Trojan.
The initial compromise was achieved through a fraudulent Google Chrome update page, which, when clicked, deployed Brokewell with a full set of data-stealing features, according to a report by ThreatFabric.
In addition to exfiltrating credentials by spoofing targeted apps’ login screens and extracting website cookies via WebView, Brokewell also collects text entries and other user interactions, call logs, hardware and software information of devices, as well as audio. Attackers could also exploit the Android banking Trojan to facilitate real-time screen streaming, performing gestures, remote clicking and scrolling of the screen, and making brightness and color adjustments. volume of the device, the researchers said.
One such banking Trojan, developed by Baron Samedit who has been involved in selling other hacking tools over the past two years, could be further enhanced to support a malware-as-a-service operation, they said. added the researchers.
