Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Cybersecurity tool sprawl: when too many cooks spoil the soup!
Sasken Partners with VicOne to Deliver End-to-End Automotive Cybersecu...
Ricoh named in TIME World’s Best Companies of 2025 for employee ...
SU Group Holdings Receives Notice of Delisting from Nasdaq Due to Mini...
Fescaro, TUV Nord join forces on auto cybersecurity compliance
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Cybersecurity tool sprawl: when too many cooks spoil the soup!

      Cybersecurity tool sprawl: when too many cooks spoil the soup!

      Monday, September 22, 2025, 5:16 PM Asia/Singapore | Features, Newsletter
    • Featured

      Combating the surge in Asia Pacific credential abuse and ransomware

      Combating the surge in Asia Pacific credential abuse and ransomware

      Wednesday, September 17, 2025, 5:06 PM Asia/Singapore | Features
    • Featured

      The rise of digital wallets: What businesses in APAC need to know

      The rise of digital wallets: What businesses in APAC need to know

      Tuesday, September 2, 2025, 1:59 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

News

Malvertising campaign targets Android users with advanced crypto-stealing trojan malware

By CybersecAsia editors | Monday, September 1, 2025, 3:20 PM Asia/Singapore

Malvertising campaign targets Android users with advanced crypto-stealing trojan malware

Why pay thousands when you can get Premium crypto-trading service for a  full year at no cost?

A new wave of malicious advertising targeting Android users has been uncovered, spreading advanced crypto-stealing malware disguised as legitimate mobile apps.

The campaign currently employs fake ads on Meta’s platforms, offering a purported free premium version of a popular trading app for Android that costs thousands of dollars per year to use.

The ads mimic familiar branding and visuals to deceive users into clicking and downloading a malicious .apk file from fraudulent websites that closely imitate official app pages. A commonly used prompt in the ads is: “Why pay a year when you can get Premium for a  full year at no cost?”

Instead of the legitimate software, users end up downloading a sophisticated trojan designed to steal cryptocurrency credentials and other sensitive information. Once installed, the malware requests extensive device permissions, including accessibility access, often hidden behind fake update prompts. This access allows the malware to perform numerous intrusive actions such as overlaying screens with deceptive messages, stealing lock screen PINs, and extracting data from installed apps, including financial and authentication apps. Other details of the malware include:

  • Indications that it is a significantly evolved version of the Brokewell trojan, functioning as both spyware and a remote access tool.
  • If a desktop user clicks on the ad, random and benign content will be delivered instead.
  • It communicates with its command servers through encrypted channels, enabling attackers to remotely control infected devices, capture screenshots, record audio, dump clipboard contents, scrape email inboxes, and harvest two-factor authentication credentials.
  • Its capabilities likely make it one of the most advanced Android threats linked to malvertising campaigns observed so far.

To boost distribution, the attackers localize their fake ads in multiple languages and impersonate numerous well-known brands and financial platforms. Although initially targeting Windows desktop users, this operation now actively pursues users of the Android operating system.

Since 22 July 2025 the global campaign, uncovered by Bitdefender, has used at least 75 malicious ads. By 22 August 2025, tens of thousands of users in the EU alone had been affected by the trojan malware.

Share:

PreviousInsider threats cited alongside external attacks in terms of severity: risk survey
NextThe rise of digital wallets: What businesses in APAC need to know

Related Posts

Survey indicates levels of banking security and customer trust in Indonesia

Survey indicates levels of banking security and customer trust in Indonesia

Thursday, April 10, 2025

The security dilemma of IoT devices and potential consequences

The security dilemma of IoT devices and potential consequences

Wednesday, December 23, 2020

Q3 threat landscape: what should not have been

Q3 threat landscape: what should not have been

Friday, December 1, 2023

Disclosures of vulnerabilities in industrial control systems: the more the better

Disclosures of vulnerabilities in industrial control systems: the more the better

Wednesday, February 22, 2023

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.