Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.
Researchers at fraud risk company ThreatFabric found Brokewell after investigating a fake Chrome update page that dropped a payload, a common method for tricking unsuspecting users into installing malware.
So just a classic fake update button
To protect yourself from Android malware infections, avoid downloading apps or app updates from outside Google Play and ensure that Play Protect is active on your device at all times.
Fine advice for someone who has no idea how their phone works, I suppose
True, if you don't already know the answer to that is "no I don't" then the answer probably is "yes you do"
Yeah, as long as I'm always able to disable it then I'm fine with it being there for the casual user
Doesn't it require jumping through a ton of hoops to install apks from unknown sources on modern Android? How many people are A) capable of doing this, and B) naive enough to actually do it?
That said, I don't use Chrome so I've never seen that incredibly shady-looking real update notification they showed in the article. If Google has indeed trained users to expect and accept something like that, then shame on Google. I can't blame users for thinking the fake one is legit. It looks very similar (and it seems like it would be trivial to make it look 100% identical). But still, how does the apk actually get installed?