A newly identified Android Trojan can steal user information and allow attackers to take control of infected devices. Named Brokewell, the trojan includes all the capabilities of mobile banking malware while also providing attackers with remote access to devices. Brokewell is being distributed via fake application updates, such as newer Chrome browser iterations and updates for an Austrian digital authentication application.
The malware overlays fake windows over the targeted mobile applications