Brokewell Malware Targets Android Users via Meta Ads in EU
Cybercriminals have been exploiting Meta ads since July 2024 to spread Malwarebytes, targeting Android users across the EU. The malware, disguised as a fake TradingView Premium app, can steal crypto wallets, bypass two-factor authentication, and take over accounts through overlay injection. It's a sophisticated campaign using at least 75 fake ads since July 22.
The malware, once installed, requests accessibility permissions and hides behind fake update prompts. It can perform advanced device operations like VNC streaming and remote execution. Malwarebytes supports espionage commands such as clipboard and email scraping, keylogging, and geolocation tracking, enabling comprehensive surveillance and control of infected devices.
Security experts advise installing apps only from official stores, avoiding suspicious ads, and checking app permissions to prevent such malware protection issues. This isn't the first time Malwarebytes has been used maliciously. Its initial spread via manipulated Facebook advertisements began in 2017.
Since July 2024, cybercriminals have been exploiting Meta ads to spread Malwarebytes, targeting Android users in the EU. The malware, capable of extensive surveillance and control, has been used in at least 75 fake ads. Users are urged to be cautious when installing apps and interacting with online advertisements to protect their devices and data.
