Meta Malvertising Campaign Spreads Android Crypto-Stealing Malware

A sophisticated malvertising campaign targeting Meta’s ad network has expanded from Windows to Android users worldwide, deploying an advanced version of the Brokewell malware disguised as TradingView’s premium app[1].

Since July 22, 2025, cybercriminals have launched over 75 malicious Facebook ads, reaching tens of thousands of users across the European Union[1]. The campaign tricks victims into downloading a malicious APK from fake domains that mimic TradingView’s official website.

The malware, an enhanced strain of Brokewell, functions as both spyware and a remote access trojan (RAT) with capabilities including:

  • Cryptocurrency theft (BTC, ETH, USDT)
  • SMS interception for banking and 2FA codes
  • Google Authenticator data extraction
  • Screen recording and keylogging
  • Camera and microphone activation
  • Remote command execution via Tor and WebSockets[1]

The attackers have localized their ads in multiple languages including Vietnamese, Portuguese, Spanish, Turkish, Thai, Arabic and Chinese to maximize reach[1]. While the Android campaign currently focuses on impersonating TradingView, the Windows version has mimicked numerous brands including Binance, Bitget, Metatrader, and OKX[1].


  1. Bitdefender - Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide

  • Telorand@reddthat.com · ↑10 · 4 days ago

    Gee, if only there was an alternative to Meta’s stinky apps…some kind of decentralized, federated network of servers and users that’s funded by the community instead of ads and user data sales…

    Ah, well. We can only dream. /s

    • Zerush@lemmy.ml (OP) · ↑4 · 3 days ago

      Yes, that would be nice. The problem is the family and friends who are using Fakebook, Whatscrap and others and have you in their contact list; then you are also on the Zuckerbot to-do list, irrelevant of whether you have an account or not. Then you can’t do anything other than completely block Facebook from your internet, as I do.

    • Zerush@lemmy.ml (OP) · ↑2 · 3 days ago

      Minimum, better using Portmaster and blocking anything from Fakebook in both directions, but then you also can’t access it, which avoids clicking accidentally on a link, irrelevant of which of its apps or services

      This cause