Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide

www.bitdefender.com

cross-posted to:
Technology@programming.dev

Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide

www.bitdefender.com

Zerush@lemmy.ml to

Privacy@lemmy.ml · 11 days ago

cross-posted to:
Technology@programming.dev

Many people believe that smartphones are somehow less of a target for threat actors.

Meta Malvertising Campaign Spreads Android Crypto-Stealing Malware

A sophisticated malvertising campaign targeting Meta’s ad network has expanded from Windows to Android users worldwide, deploying an advanced version of the Brokewell malware disguised as TradingView’s premium app^[1].

Since July 22, 2025, cybercriminals have launched over 75 malicious Facebook ads, reaching tens of thousands of users across the European Union^[1:1]. The campaign tricks victims into downloading a malicious APK from fake domains that mimic TradingView’s official website.

The malware, an enhanced strain of Brokewell, functions as both spyware and a remote access trojan (RAT) with capabilities including:

Cryptocurrency theft (BTC, ETH, USDT)
SMS interception for banking and 2FA codes
Google Authenticator data extraction
Screen recording and keylogging
Camera and microphone activation
Remote command execution via Tor and WebSockets^[1:2]

The attackers have localized their ads in multiple languages including Vietnamese, Portuguese, Spanish, Turkish, Thai, Arabic and Chinese to maximize reach^[1:3]. While the Android campaign currently focuses on impersonating TradingView, the Windows version has mimicked numerous brands including Binance, Bitget, Metatrader, and OKX^[1:4].

Bitdefender - Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide ↩︎ ↩︎ ↩︎ ↩︎ ↩︎

You must log in or register to comment.

Chat

Privacy@lemmy.ml

privacy@lemmy.ml

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacy@lemmy.ml

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
Don’t promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

715 users / day
1.07K users / week
1.08K users / month
1.12K users / 6 months
1 local subscriber
41.7K subscribers
140 Posts
502 Comments
Modlog