a red gradientan orange gradient

Is Your Android Safe? How to Shield Your Phone from the New 'Brokewell' Malware Threat!

Published on April 29, 2024

How can you better protect your android phone from malware? Learn how to spot and avoid imposter apps!

Is Your Android Safe? How to Shield Your Phone from the New 'Brokewell' Malware Threat!

A new and dangerous malware has hit the news this week and Android users – Beware! This one is particularly nasty in that it can capture in real time every event (text input, clicks, touches, information displayed, and apps used) on your phone. If that sounds alarming – you would be right! How can you protect yourself? How can you better protect your android phone from malware? Let’s get into some details.

What Exactly is Brokewell Malware?

Meet 'Brokewell,' a sinister piece of malware discovered to be tricking users into compromising their own security. But what exactly is this threat? Brokewell is classified as a Trojan, a type of malware that disguises itself as legitimate software to deceive you into loading and executing the malware on your device. Imagine a situation where you invite a known friend into your home only to find out later that it was really a master thief using “Mission Impossible” style impersonation techniques to gain entry and steal your valuables. But this is no Hollywood plot device. Like an expert spy donning a disguise, Brokewell tricks you into believing you're simply updating your Chrome browser. Its method of deception? A convincingly authentic update prompt as you see in the image below as revealed by security firm ThreatFabric. While there are some obvious grammatical differences, the unwary could easily mistake the imposter for the real deal.


How Brokewell Affects Android Users

Once Brokewell has invaded your Android device, hackers can use the malware to target your personal information in real time. Not only can it harvest data stored on your device, but it also gives remote-control capabilities to the bad guys. It creates an overlay screen in front of your apps to capture login details. The bad actors are also enabled to type or click on your screen. This potentially gives it access to your funds through banking apps.

Lessons Learned from the Brokewell Attack

Fortunately, Google says that Android phones with Google Play Protect enabled are protected from known versions of this malware. Play Protect is enabled by default on most phones. But this malware event teaches us the importance of remaining vigilant about where our apps and updates come from. Here’s what we need to remember:

  • Check the source: Always verify that updates come directly from the app store or official software update tools.
  • Watch the language: Odd phrasing or grammatical errors in an update prompt? Red flag!
  • Stay informed: Reading news articles about current malware threats and update issues helps you to stay in the loop and stay alert.

Staying Safe in the Android Environment

Screenshot 20240429 134826 Google Play Store

Protecting your Android device doesn't require you to be a tech wizard. Here are five straightforward ways to keep your digital life secure:

  1. Regular Updates: Keep your operating system and apps up to date, but only through official channels. Enabling automatic updates in the Google Play store can help keep you safe.
  2. App Source Verification: Download apps solely from the Google Play Store. Avoid installing software from unknown sources.
  3. Use Security Software: We are accustomed to having antivirus software on our PC’s, but it’s available for our Android devices as well. Such software can be another layer of security, acting as a watchdog for your device.
  4. Enable Google Play Protect: It’s like a security guard that checks all your apps for shady behavior.
  5. Educate Yourself About Phishing: Learn to spot phishing attempts. If an update or link looks fishy, it probably is!

Why Is it Important to Update Your Android Phone?

It can be annoying when an update changes a feature, removes a function, or completely changes the way we execute some actions on our phones. Here are four good reasons to keep that device updated:

  1. Protect Yourself from Software Exploits - Sometimes a weakness in the way an app was built becomes a potential gateway for malware. The longer you wait to update, the longer you are exposing your device to potential risk.
  2. Fixing of Bugs and Security Holes – Operating systems and apps are constantly being improved to get rid of “bugs” (unexpected glitches) and security issues discovered by developers. Better to get rid of small vulnerabilities before they become a large problem for your security.
  3. Compatibility and Feature Improvements – Keeping your device updated helps keep you compatible with new hardware and often adds really cool features for you to enjoy!
  4. Enhances performance – Updates often include optimizations to make your device run smoothly and efficiently – That means fewer crashes and errors for you to deal with!

Don’t Let the Imposters Come In!


The key takeaway from this analysis is to remain alert and watchful when it comes to installing or updating apps on your device. The 'Brokewell' malware, like a skilled imposter in a "Mission Impossible" scenario, shows us the critical importance of questioning and verifying the authenticity of what appears to be familiar.

With a little sleuthing, you can usually determine if what you see on your screen is legitimate or a malicious imposter in disguise. Stick to the Google Play Store as your source for apps and updates. Keep Google Play Protect enabled. Consider additional antivirus protection designed for your mobile device. Remember, your phone is a gateway to your personal and financial information. So, treat every interaction cautiously, keep your device updated through trusted channels, and educate yourself on how to spot attempts to phish your personal information.

Visit our Cybersecurity page to see how allCare IT can help your organization protect itself from cyber threats every day!