Millions of Android users have been warned about a new, previously undocumented malware that uses fake Google Chrome updates to trick users and compromise their devices. malware, dubbed "Brokewell," can siphon user data, access banking apps, spy on users, and even allow attackers full remote access to Android devices.

"Brokewell poses a serious threat to the banking industry by giving attackers remote access to all assets available through mobile banking," Dutch security firm ThreatFabric said in an analysis released this week. The malware, which has "both data theft and remote control capabilities," accesses victims' Android devices by tricking them into installing the Brokewell Trojan on their phones.

The Trojan disguises itself as an update for a new version of Google Chrome and uses a visual design similar to the legitimate Chrome installation prompt to avoid suspicion. However, there is an obvious grammatical error common to this type of scam: instead of saying "The browser built to be yours" like the original Google prompt, the fake version infected with Brokewell displays "An update is required yours" An update is required yours.

Once downloaded, Brokewell creates an overlay screen in front of the app being used to retrieve login information, steal session cookies, and even type or click on the phone's screen to steal funds from the compromised device .

The malware itself is "an unprecedented malware family with a wide range of capabilities," according to ThreatFabric. To make matters worse, Brokewell appears to be in active development and is updated regularly; ThreatFabric traces the malware back to a hacker named Baron Samedit Marais and a site called Brokewell Cyber Labs through a site called Brokewell Cyber Labs, which reportedly sells it along with various other malicious tools.

"With malware already being updated almost daily, we expect further evolution of this malware family. Brokewell will likely be promoted as a rental service on underground channels, attracting the interest of other cybercriminals and sparking new campaigns targeting different geographies." [Android malware is not uncommon. Just earlier this month, hackers were found to be infecting unsuspecting users with malware by injecting scripts into websites and displaying fake Chrome update errors The first and most important thing you can do to protect yourself from Android malware is, Be extremely careful when downloading and installing updates and new apps.

If you have one of the best Android smartphones, chances are good that it has Google Play Protect pre-installed. With this app enabled, it will scan existing and newly downloaded apps for malware. Likewise, for added protection, you may also want to consider installing one of the best Android antivirus apps to run with it.