Tech
Major alert! Fake Chrome update for Android installs trojan that will access your banking apps
The legitimate Chrome update is on the left while the one on the right is a fake
The “Brokewell” trojan uses a fake Chrome browser update that almost looks like the real thing and it is easy to see how a smartphone user can be tricked into installing it. The malware uses what is known as the “overlay” technique. A fake screen is placed over a targeted application (such as a banking app) and captures the login info, including the user’s username and password for a particular app.
With “accessibility logging,” the malware captures all touches, text inputs, swipes, apps opened, and information displayed. This data is sent to the command-and-control server, essentially stealing personal data. Because every event is captured by the trojan, all apps downloaded on a phone are vulnerable. Once the malware steals the phone user’s credentials, the attackers can take over control of the phone remotely.
The “Brokewell” trojan is serious. If you receive an update for the Chrome browser for Android, ignore it. You can always update the app via the Google Play Store.