Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Facebook Ads TradingView Brokewell malvertising campaign targeting Android and Windows users

Campaign
First reported
Last updated
Happening score
H score 39
1 unique sources, 1 articles

Summary

Hide ▲

A Facebook Ads malvertising campaign is pushing a fake premium TradingView Android app that deploys Brokewell, reaching tens of thousands of users in the European Union and expanding to Windows desktops. The operation uses brand impersonation and malicious ads to move victims into malware installs across mobile and desktop environments.

Related Happenings

Massiv Android trojan device-takeover and credential-theft activity

Malware Activity
First: 19.02.2026 12:24 Last: 19.02.2026 12:24 Sources 1

About this happening: The **Massiv** Android trojan has been disclosed as a **device-takeover** threat that can steal banking credentials and enable fraudulent transactions. It uses **screen streaming*...

Open Happening

Android click-fraud trojans using TensorFlow.js to automate hidden ad taps

Malware Activity
First: 22.01.2026 00:07 Last: 22.01.2026 00:07 Sources 1

About this happening: The **Android click-fraud trojan family** now uses **TensorFlow.js** to identify and tap ad elements on **Android devices**, making fraudulent clicks more adaptive and harder to s...

Open Happening

Wonderland Android SMS stealer activity targeting Uzbekistan

Malware Activity
First: 22.12.2025 08:11 Last: 22.12.2025 08:11 Sources 1

About this happening: The **Wonderland** Android SMS stealer is being spread through **malicious droppers** in attacks targeting **users in Uzbekistan**, enabling **SMS and OTP theft** and bank-card fr...

Open Happening

GoldFactory Southeast Asia mobile fraud campaign using modified banking apps

Campaign
First: 04.12.2025 11:27 Last: 04.12.2025 11:27 Sources 1

About this happening: GoldFactory has launched a **fresh mobile fraud campaign** against users in **Indonesia, Thailand, and Vietnam**, using **government impersonation** and **modified banking apps**...

Open Happening

Albiriox Android MaaS malware with VNC fraud control

Malware Activity
First: 01.12.2025 10:45 Last: 01.12.2025 10:45 Sources 1

About this happening: A new **Android** malware family, **Albiriox**, has emerged as a **malware-as-a-service (MaaS)** offering that can drive **on-device fraud**, manipulate screens, and remotely inte...

Open Happening

Timeline

  1. 01.09.2025 20:28 2 articles · 8mo ago

    Fake TradingView ads deliver Brokewell to Android and Windows lures

    Campaign Scope Update

    Malicious Facebook ads began promoting a fake premium TradingView Android app to Android users, while the same malvertising operation also used financial and cryptocurrency app lures against Windows desktop users and deployed an improved Brokewell banking trojan. The campaign reached tens of thousands of users in the European Union.

    Show sources
    Open in new tab
  2. 01.09.2025 20:28 1 articles · 8mo ago

    Bitdefender warns of Facebook Ads campaign pushing fake TradingView app with Brokewell

    Initial Disclosure

    Bitdefender Labs warned that a malvertising operation abusing Facebook Ads was promoting a free premium TradingView Android app that installs an improved Brokewell banking trojan to monitor, control, and steal sensitive information from Android users. The campaign had run at least 75 malicious ads since July 22, 2025 and reached tens of thousands of users in the European Union.

    Show sources
    Open in new tab