Android phones at risk with ‘Chameleon Trojan’ malware! Top security tips to protect your device
Scientists have alarmed Android device owners as a new version of the malware that poses a serious threat to the security of Android devices has been discovered, named ‘Chameleon Trojan’. This malware has the ability to disable biometric authentication methods, such as fingerprint and face unlock, in order to steal the phone’s PIN.
The Chameleon Trojan disguises itself by attaching to legitimate Android apps like Google Chrome, making it harder to detect. Once infiltrated, the malware operates in the background, avoiding notice. According to cybersecurity company ThreatFabric, which has been monitoring the malware since its discovery earlier this year, the threat actors behind Chameleon Trojan claim that its bundles are practically undetectable during runtime. This allows the malware to bypass Google Protect alerts and security software on the device.
On older Android versions, including Android 12, Chameleon Trojan exploits the Accessibility service to gain unauthorized access. However, newer Android versions come with enhanced security restrictions. To circumvent this, the malware displays an HTML page with instructions on enabling the Accessibility service for the app, tricking users into providing access.
Once active, Chameleon Trojan steals on-screen content, elevates its own permissions, and can even use gestures to capture PINs and passwords entered by users to unlock their devices. The stolen PIN is then employed to unlock the device in the background, enabling the malware to access sensitive information such as credit card passwords and login credentials.
Researchers have also noted that the malware collects information on users’ app usage habits, launching attacks when the device is least likely to be in use.
Read more on financialexpress.com
