A recent analysis reveals that threat actors are exploiting Meta’s ad platforms to push fake TradingView apps, tricking Android users into downloading an advanced version of the Brokewell malware. Once installed, the trojan abuses accessibility permissions to steal credentials, intercept two-factor authentication codes, drain crypto wallets, and grant attackers remote control of the device. This campaign underscores how mobile malvertising has evolved into a powerful delivery channel for sophisticated financial malware.
Read the full report here.