Chameleon Trojan: New Android malware
Cyber security researchers have issued a warning about this new malware. Chameleon Trojan attaches itself to legitimate Android apps to avoid detection and runs code in the background.
source: internet
What is the Chameleon Trojan ?
Chameleon is a Trojan malware that targets Android operating systems. It can steal information, especially banking data, and perform other malicious activities.
It is a malware that has the ability to disable biometric authentication methods, including fingerprint and face unlock, to sneakily access sensitive information.
Chameleon Trojan Working
-
- The malware strategically attaches itself to legitimate Android applications, such as the widely used Google Chrome, effectively avoiding immediate detection.
- Operating discreetly in the background, Chameleon Trojan can disable biometric security measures, specifically targeting PINs.
- The malware bundles are reportedly undetectable during runtime, enabling it to outsmart Google Protect alerts and circumvent security software on the compromised device.
- This stealthy approach allows the Trojan to operate without any worries, evading immediate countermeasures.
- Its modus operandi varies depending on the Android version.
- Once active, Chameleon Trojan steals on-screen content, elevates its own permissions, and can even use gestures to capture PINs and passwords entered by users to unlock their devices.
- The stolen PIN is then employed to unlock the device in the background, enabling the malware to access sensitive information such as credit card passwords and login credentials.
- The malware also collects information on users’ app usage habits, launching attacks when the device is least likely to be in use.
source: Internet
To safeguard against the Chameleon Trojan
it is crucial to avoid installing Android apps from unofficial sources. Additionally, users should refrain from enabling the ‘Accessibility service’ for unknown apps.