New Brokewell malware takes over Android devices, steals data ( www.bleepingcomputer.com )

GenderNeutralBro , 12 days ago

Doesn't it require jumping through a ton of hoops to install apks from unknown sources on modern Android? How many people are A) capable of doing this, and B) naive enough to actually do it?

That said, I don't use Chrome so I've never seen that incredibly shady-looking real update notification they showed in the article. If Google has indeed trained users to expect and accept something like that, then shame on Google. I can't blame users for thinking the fake one is legit. It looks very similar (and it seems like it would be trivial to make it look 100% identical). But still, how does the apk actually get installed?

tjhart85 , 12 days ago

When I installed fdroid from their website a month or two back it was like 2 or 3 clicks. Then whenever I want to install anything from there it's an extra click or two over what it would be from Play.

I've seen people click through way more complicated processes than this without even knowing they did it. Modern computing has taught people to just keep hitting whatever the approval text is (yes windows, I really do want to copy all of these god damn files. Yes, really, I still do! Yep, again, ALL of them!)

SqueakyBeaver , 12 days ago

The only hoops are

1. Try to install APK, popup appears
2. Press "go to settings" or whatever
3. Enable toggle
4. Possibly try to install APK again if the installation prompt doesn't automatically appear

victorz , 12 days ago

Most of the people I know that aren't tech savvy are at least smart enough to be aware of that fact, so they would already hesitate at 2. The real dangerous people are the confident ignoramuses.

possiblylinux127 , 12 days ago

The twist? It installs google services

kindenough , 12 days ago

We like chrome here as much as a vampire likes sunlight.

victorz , 12 days ago

Got'em! 🔥

smeg , 13 days ago

Researchers at fraud risk company ThreatFabric found Brokewell after investigating a fake Chrome update page that dropped a payload, a common method for tricking unsuspecting users into installing malware.

So just a classic fake update button

To protect yourself from Android malware infections, avoid downloading apps or app updates from outside Google Play and ensure that Play Protect is active on your device at all times.

Fine advice for someone who has no idea how their phone works, I suppose

limerod , 13 days ago

That's most people in general.

smeg , 13 days ago

True, if you don't already know the answer to that is "no I don't" then the answer probably is "yes you do"

Cheradenine , 12 days ago

Remember that the bar for entry for a lot of these things is going to be a trip hazard for most Lemmings.

I actually explained 419 scams to someone last week when they got a reasonably well crafted one. There are a lot of people who believe in Nigerian Princes.

That should be my new alt

smeg , 12 days ago

True, but I assume most of these people aren't reading tech news!

normonator , 12 days ago

Play protect is fucking trash but it's something I guess

smeg , 12 days ago

Yeah, as long as I'm always able to disable it then I'm fine with it being there for the casual user

BearOfaTime , 12 days ago

You have to go out of your way to permit apps to install anything since like Android 9, iirc.

By default, only the play store can install apps, and anything asking for the permission has a pretty clear warning.