Be aware of a new mobile malware family, Brokewell.

How do you protect yourself and your business from malware and viruses?

# What is Brokewell? Stay protected against malware in China. 

Brokewell - Well, Now You are Broke!

ThreatFabric analysts recently discovered a previously unseen mobile malware family, “Brokewell,” with an extensive set of Device Takeover capabilities.

Brokewell poses as a browser update on Android devices, bypasses Android 13+ restrictions, and provides attackers with remote access to all assets available through mobile banking. It uses overlay attacks, targeting a popular “buy now, pay later” financial service.


Brokewell is a modern banking malware with both data-stealing and remote-control capabilities built in. Moreover, Brokewell is equipped with “accessibility logging,” capturing every event happening on the device: touches, swipes, information displayed, text input, and applications opened. All actions are logged and sent to the command-and-control server, effectively stealing any confidential data displayed or entered on the compromised device.

After stealing the credentials, the actors can initiate a Device Takeover attack using remote control capabilities. To achieve this, the malware performs screen streaming and provides the actor with a range of actions that can be executed on the controlled device, such as touches, swipes, and clicks on specified elements.
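A defender-side check that follows from the accessibility abuse described above, as an added example that is not from the ThreatFabric report or this page's author: it lists which apps hold an enabled accessibility service on an Android device and flags those not installed from a trusted store. The sample `adb` output, the package names and the trusted-installer set are constructed assumptions.

```python
# Added example: audit which apps hold an enabled accessibility service.
# On a real device the two inputs come from:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: Google Play only

# Constructed sample output; package names are made up for illustration.
SAMPLE_SERVICES = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.browser.update/.core.UpdateService"
)
SAMPLE_PACKAGES = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.browser.update  installer=null
package:com.example.notes  installer=com.android.vending
"""

def parse_services(raw):
    """Return package names that own an enabled accessibility service."""
    raw = raw.strip()
    if not raw or raw == "null":  # setting unset: nothing enabled
        return []
    pkgs = []
    for component in raw.split(":"):
        pkg = component.split("/", 1)[0].strip()
        if pkg and pkg not in pkgs:
            pkgs.append(pkg)
    return pkgs

def parse_installers(raw):
    """Map package name -> installer package, or None when none is recorded."""
    installers = {}
    for line in raw.splitlines():
        name, _, rest = line.strip().partition("installer=")
        name = name.strip()
        if not name.startswith("package:"):
            continue
        value = rest.split()[0] if rest.split() else None
        installers[name[len("package:"):]] = None if value == "null" else value
    return installers

def suspicious_services(services_raw, packages_raw, trusted=TRUSTED_INSTALLERS):
    """Accessibility-service owners that were not installed by a trusted store."""
    installers = parse_installers(packages_raw)
    return [p for p in parse_services(services_raw)
            if installers.get(p) not in trusted]

if __name__ == "__main__":
    print(suspicious_services(SAMPLE_SERVICES, SAMPLE_PACKAGES))
```

Preinstalled system apps can also report no installer, so treat the result as a review list for the helpdesk rather than a verdict.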

To read more about Brokewell, follow the link: Do not go broke from new banking malware! (threatfabric.com)

What shall you do?! How can you protect yourself and your business from malware and viruses?

# Protected Against Malware and Viruses

Malware is an umbrella term for any program that tries to invade or harm a system. It includes viruses, worms, Trojans, adware, ransomware, and others.

No antivirus software can guarantee 100% protection against all viruses, so it’s important to have a multi-layered security approach.

Some of the steps you could take to improve the situation are listed below. Contact us for additional information.


#1 Educate the users. Training on Personal Security Awareness & Phishing protection.

About 90% of cyber-attacks begin with a phishing email, text or malicious link, so training users not to click on anything they’re not sure about could have the highest return on investment (ROI). Training users on whom and what to trust, and teaching them not to fall for phishing or other schemes, is a priority.

China has been a safe haven, but recently, hackers are leveraging the trend for e-invoices in China to seed malware in users’ devices via e-fapiao e-mail attachments. Training your finance team is paramount.

We offer onsite “Training on Personal Security Awareness & Phishing protection”.
The entry-level training takes 2 hours, is delivered in Chinese or English, and includes real-time phishing and hacking simulations. We can do the training at your office, any day, any time.

#2 Back up data and test restore procedures.

Regular encrypted backups can help keep important data safe from data loss or ransomware. Ideally, that backup should be kept offline and “immutable” to prevent ransomware attackers from accessing it. Backup processes are critical to protecting against data loss. In a world of fast-moving, network-based ransomware worms and destructive cyber-attacks, you must enable a data protection solution.

Reminder: The Windows Server based file server or your NAS is not a backup solution!

#3 Install Antivirus Software and EDR. Protected Against Malware.

Make sure to use a reputable anti-malware program and keep it updated. This will help to detect and remove known malware. Implement EDR tools.

InnTech IT Solutions is a certified reseller partner of Symantec EndPoint Security, a fully cloud-based version of malware protection and EDR software that includes proactive support protection for iOS, Android, Windows, and Mac devices.

InnTech IT Solutions has in-house Symantec specialists who focus on administration of SESC, MPEPC and EDR tenants through proactive and preventive support engagement, and who coach the helpdesk engineers for onsite action where needed.

#4 Install NGN Firewall to protect your network.

We recommend installing an NGN firewall for your office network, and also (perhaps a smaller unit) for your home. A firewall, working as the primary filter, protects your network from both inbound and outgoing threats. A firewall can help to block unauthorized access to your network and can help to prevent malware from communicating with its command-and-control center.

InnTech IT Solutions is a Fortinet partner. We have in-house NSE and FCP certified engineers.

A good choice for your office (~30-50 users) would be the FortiGate 100F. A cost-effective product for your home would be the FortiGate 40F. Contact us for best pricing and implementation.

#5 Implement a business-grade email solution.

Most ransomware infections are spread through an email attachment or malicious download. Implementing a professional email solution that diligently blocks malicious websites, emails, and attachments through a layered security approach, together with a company-sanctioned file-sharing program, is a big step toward enhancing your business cybersecurity.

InnTech IT Solutions is a Microsoft Partner, indirect reseller CSP tier2.
We recommend Microsoft Office365 as one of the best business-grade email solutions in China.

We can help with consulting, planning, subscribing, migrating to, administering, and troubleshooting MS Office365 for you, and can customize and deliver onsite training to your team for SharePoint, Teams, Microsoft Apps, etc.

#6 Enforce Multi-Factor Authentication as a first line of defense.

Multi-factor Authentication (MFA) is an authentication method that requires the user to identify themselves by more than a username and password, thus enhancing your organization’s security.

As an example, Microsoft Authenticator is an MFA tool: a two-factor authentication app installed on your phone that provides added security to your MS365 online accounts.

#7 Strong and Unique Passwords.

The best way to make a password strong is to make it long. Store the passwords in Keeper or similar vaults.

  • At least 12 characters long (the longer, the better).
  • Has a combination of upper and lowercase letters, numbers, punctuation, and special symbols.
  • Random and unique.

Lucky #8: Engage InnTech IT Solutions as your IT Partner in China.

InnTech IT Solutions China – your amulet against cyber-scams.

The above 7 steps are only the starting point of the journey. Take the next steps together with us!

InnTech IT Solutions is a reliable Managed Services Provider (MSP) in China covering Shanghai and nearby satellite locations.

Cybersecurity is one of our areas of expertise and one of our priorities, and we are here to provide the guidance and deployment of IT systems needed to keep you safe in the digital world. We help businesses take proactive steps, equipping individuals and organizations with the knowledge, skills, and tools to defend against cyberthreats.

With InnTech IT Solutions, you get support from a professional IT team and all-around expertise. Having a full team (InnTech IT Team) of established experts in place ensures that, whatever your request might be, it will be addressed and taken care of quickly and efficiently.

InnTech IT Solutions, acting as a fully outsourced solution with a blend of remote and on-site assistance, integrates with your existing IT team, thus ensuring a persistent support presence and resource availability for your organization.