Chameleon It was one of the most important malware of 2023 when it comes to cybersecurity. He banking virus It was detected at the beginning of the year and since then it has been considered one of the most dangerous threats to Android phones.

Luckily, this along with many other malwares found during the year have already been successfully expelled from the Play Store. Currently, your mobile can only be infected with it if you download apps outside of the Google store.

Now, it seems that this hasn’t stopped the Chameleon developers. And the virus has just received an update that gives it the ability to steal the PIN to unlock the mobileeven if you have fingerprint authentication activated.

Chameleon: the malware is renewed and now sabotages fingerprint unlocking to steal your Android’s PIN

Crashed operating system

Chameleon, a malware that disguises itself as Google Chrome APK, has received a very dangerous upgrade. And the ThreatFabric cybersecurity team has tracked the latest update of this virus that comes with many new features. For starters, they have expanded their reach to users in the United Kingdom and Italy and not just Australia and Poland.

Additionally, in its new version it has the ability to enable accessibility services and disable biometric authentication. To do this, take advantage of the KeyguardManager and AccessibilityEvent APIs that manage lock methods such as pattern, PIN, or password.

Well, with these APIs, malware can move from biometric authentication to PIN authentication. Thus, by bypassing fingerprint security, Chameleon can unlock the device at will for malicious purposes. also can open banking apps that use fingerprint and PIN as login credentials.

What to do to avoid it? Well basically Make sure you don’t download Google Chrome outside of the Play Store and if you have to install an app through an APK that you downloaded from the Internet, we recommend that you analyze it with VirusTotal.

Source | ThreatFabric

Post
Filter
Apply Filters