{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Daily Security Review","title":"Brokewell Malware Targets Android Users via Fake TradingView Ads on Meta","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/7f7d3468\"></iframe>","width":"100%","height":180,"duration":1760,"description":"A new and highly sophisticated Android malware campaign, dubbed Brokewell, has emerged as one of the most dangerous mobile threats of 2024–2025. First spotted in April 2024 disguised as fake browser updates, Brokewell has since evolved into a fully featured spyware and remote access trojan (RAT), delivered through deceptive Meta (Facebook) advertisements. The latest campaign, active since July 2024, lures unsuspecting users with fraudulent promises of a premium version of the popular trading platform TradingView. Victims who sideload the malicious app are unknowingly giving attackers near-total control over their devices. Brokewell is no ordinary piece of malware—it is built for comprehensive surveillance, data theft, and financial fraud. Once installed, it abuses Android Accessibility permissions to trick users into revealing their lock screen PINs and then escalates privileges for persistence. 
Its capabilities include: Financial theft and fraud: Brokewell can drain cryptocurrency wallets, intercept banking credentials, and harvest sensitive financial identifiers. Two-Factor Authentication (2FA) bypass: By scraping Google Authenticator codes and intercepting SMS-based OTPs, it undermines one of the most widely used security measures. Full device takeover: Attackers can remotely control infected phones, stream screens in real time, perform swipes and clicks, and even uninstall apps or disable Google Play Protect. Comprehensive surveillance: The malware records keystrokes, captures screen activity, steals cookies, and accesses personal data from calls, messages, geolocation, and even the device camera. Researchers warn that Brokewell’s sophistication places it alongside the most advanced Android threats seen in the wild. Its modular design, daily updates, and public availability of droppers that bypass Android 13+ restrictions suggest that this malware family will continue to expand—potentially even being rented as a service to other cybercriminals. The implications for...","thumbnail_url":"https://img.transistorcdn.com/pL79_MJFeJHamQ_ztImsGmDSMdl27VMk_30TAkieujE/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8yNzg5/ZjlhNzM5Y2M4Njli/NjkxNzgyODA2Nzhi/MDI2ZC5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}