Malware News Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices


Level 85
Thread author
Honorary Member
Top Poster
Content Creator
Malware Hunter
Aug 17, 2014
A newly identified Android trojan can steal user information and provide attackers with the ability to take control of infected devices, threat detection company ThreatFabric reports.

Dubbed Brokewell, the trojan includes all the capabilities of mobile banking malware, while also providing attackers with remote access to devices.

Brokewell is being distributed via fake application updates, such as newer Chrome browser iterations and updates for an Austrian digital authentication application.

To harvest the victim’s credentials, the malware overlays fake windows over the targeted mobile applications. Furthermore, it can steal browser cookies by launching its own WebView, loading the legitimate site, and dumping session cookies after the user completes the login process.

Additionally, ThreatFabric discovered that Brokewell has an accessibility logging capability, which allows it to capture device events such as touches, swipes, text input, opened applications, and information being displayed on the screen.

ForgottenSeer 109138

Tapjacking is serious and one of the worst exploits in android.


One can either find security with tapjacking protection or, go into settings, tap apps, scroll down to special app access, click display over other apps, and disable any app from doing so.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.