Android fans have another worrying issue to contend with and ignoring the latest alert could leave their devices at serious risk. The new warning has been issued by the security experts at Bitdefender after a sudden surge in attacks that are infecting phones with the vicious Brokewell malware.

Once installed, this bug sets about taking full control, with cyber crooks able to spy, steal data, raid bank accounts and pinch security codes that can then be used to hack email and other accounts. It’s a seriously concerning attack and seems to be a growing issue.

Bitdefender says Brokewell is being spread via fake adverts on social media. These sponsored messages claim to offer access to premium financial services (which usually cost thousands of pounds) for free.

All users need to do is download an official-looking app, which is then side-loaded onto devices and bypasses the safer Google Play Store.

According to Bitdefender’s most recent analysis, the malware campaign (which is still active) has used 75 malicious ads and may have reached tens of thousands of users in the EU alone.

Explaining more, the security team said: “Bitdefender researchers recently uncovered a wave of malicious ads on Facebook that lure targets with promises of a free TradingView Premium app for Android,” Bitdefender explained. “Instead of delivering legitimate software, the ads drop a highly advanced crypto-stealing trojan — an evolved version of the Brokewell malware.”

In a bid to stop anyone else becoming a victim, Bitdefender has now issued some advice including four rules aimed at keeping people safe. These include being careful and avoid so-called side-loading of apps, don’t click on links in adverts and always check before downloading any files.

Follow these top tips now

• Avoid sideloading apps – Only install apps from official stores like Google Play.

• Be wary of ads – Even on trusted platforms like Facebook, cybercriminals ca abuse ads.

• Check URLs carefully – Fake download pages often use lookalike domains.

• Review app permissions – If an app requests accessibility access or lock screen PINs without a clear reason, it’s a red flag.

This new alert comes just days after the team at Zscaler’s ThreatLabs confirmed that a whopping 77 dodgy apps are thought to have made their way onto the Google Play Store, with some laced with the nasty Anatsa malware that can steal banking details and enable fraudulent transactions.