Threat actors are exploiting Meta ads to distribute fake TradingView Premium apps on Android, deploying the sophisticated Brokewell malware to steal crypto and personal data. This campaign highlights the growing danger of mobile-targeted malvertising and advanced spyware threats. #Brokewell #AndroidMalware
Key points
- Cybercriminals have used over 75 fake Meta ads since July to promote malicious TradingView apps.
- The malware requests accessibility permissions and hides behind fake update prompts to deceive users.
- Brokewell malware supports extensive espionage features, including keylogging, geolocation, and crypto wallet theft.
- The spyware communicates with command-and-control servers via Tor and WebSocket for remote operations.
- Experts advise installing apps only from official sources and avoiding suspicious ads to prevent infection.