If you use your fingerprint instead of PIN to unlock your phone because it is more secure, you are absolutely right. However, hackers have upgraded it android malware to capture best android phones By disabling both fingerprint and face unlock to steal your device’s PIN.

As reported bleepingcomputerThe Chameleon Banking Trojan Has recently re-emerged online with advanced capabilities. Previous versions of this banking Trojan were discovered earlier this year and were used to impersonate government agencies, banks, and crypto exchanges.

Hackers also used Chameleon to perform keylogging, inject overlays on top of popular apps for credential harvesting, and steal cookies and text messages on compromised phones.

With your PIN in hand, cyber criminals are able to unlock and access your smartphone at any time, making it much easier to steal sensitive information from your phone as well as drain your bank accounts and steal from other financial apps goes.

Impersonating Chrome to steal your phone’s PIN

according to a new report From hazmat clothChameleon malware is currently being distributed through a zombinder To slide the service further under the radar, it is posing as Google Chrome.

For those unfamiliar with Zamobinder, it is actually a malware packer that can add malicious code to legitimate Android apps. This now helps compromised apps avoid detection and the cybercriminals behind the service even claim that their malicious bundles can be bypassed Google Play Protect simultaneously Best Android Antivirus Apps,

In addition to a new delivery method, this upgraded Chameleon version can display an HTML page on devices running android 13 or later which is used to trick potential victims into allowing the app to use the operating system accessibility service, The reason this feature was added is that Android 13 includes a security feature restricted settings Which blocks permissions like accessibility that can be misused malicious apps, Since accessibility would normally be blocked, the HTML page manually guides potential victims through the process to enable this permission.

Additionally, this new variant of the Chameleon banking Trojan can disrupt the use of biometrics such as fingerprint or face unlock on infected Android smartphones. The feature also abuses the Accessibility Service to force a device to unlock or use a PIN or password for authentication. From here, the malware captures these PINs or passwords as they are entered and can be used to unlock a compromised device at any time later.

Chameleon can now also schedule tasks through the AlarmManager API so that the malware does not run when the infected phone is normally active. This also helps him to remain hidden and avoid detection.

How to stay safe from Android malware

(Image credit: Google)

Protecting yourself from Android malware becomes much more difficult when services like Zombinder are involved. This is because as I mentioned above, Zombinder allows legitimate apps to insert malicious code to avoid detection by both Google Play Protect and antivirus software.

Because of this, you may want to avoid these types of compromised apps altogether. The easiest way to do this is to not sideload apps on your Android smartphone. Although it is convenient and quite fast to install apps as APK files, it is very difficult to tell what is contained in these files. Instead, you want to stick to official app stores like Google Play Store or official third-party stores like Amazon Appstore or Samsung Galaxy Store as they carefully check every app on their stores for potential threats.

Now that this threat is becoming more serious, it is likely that Google is working on a way to detect apps containing malware through Zombinder in Google Play Protect. However, until then, limiting the number of apps on your smartphone and avoiding installing apps you don’t necessarily need is the best step you can take.

More from Tom’s Guide

Today’s best Bitdefender mobile security deals

bitdefender

Source

Post
Filter
Apply Filters