Explorer

Chameleon Trojan Malware Detected. It Can Disable Biometric Unlock And Steal Passwords

The Cameleon Trojan integrates with authentic Android apps such as Google Chrome to avoid detection.

A recently discovered a variant of the "Chameleon Trojan" malware, as identified by security researchers, has been found to the capability to deactivate biometric authentication methods such as fingerprint and face unlock, and can disable the PIN of your phone. According to a recent report by Bleeping Computer, the creators of the malware assert that bundles of the Cameleon Trojan are invisible during runtime, enabling them to circumvent Google Protect alerts and evade detection by security software operating on the device.

As per cybersecurity firm ThreatFabric, which is monitoring the malware since its identification earlier this year, the Cameleon Trojan integrates with authentic Android apps such as Google Chrome to avoid detection, executing its code surreptitiously in the background. Upon infecting your device, Chameleon Trojan employs strategies for unauthorized access. On Android 13 and subsequent versions, it deceives users through a counterfeit HTML page, prompting them to activate the "Accessibility" service.

This grants access to on-screen content, additional permissions, and gesture control. This enables the trojan to circumvent the security mechanisms of the device. The malware also has the potential to steal your banking details, putting your sensitive financial information at risk and resulting in significant financial repercussions. Chameleon Trojan also has the ability to seize control of your devices by utilizing highjacked PINs and passwords, granting unrestricted access. This facilitates unauthorized transactions and the theft of sensitive data, essentially handing over control of your digital devices to malicious actors.

The Chameleon Trojan steals on-screen content, elevates its permissions, and utilizes gestures to capture any PINs and passwords entered by users for device unlocking. Subsequently, the trojan employs the stolen PIN to clandestinely unlock the device, enabling the theft of more sensitive information such as credit card passwords and login credentials.

According to security researchers, the malware gathers data on app usage patterns to ascertain when the user is actively utilizing their device, strategically launching attacks during periods when usage is least anticipated.

How To Protect Yourself From Chameleon Trojan

To safeguard against the Chameleon Trojan, refrain from installing Android apps from unofficial sources, and ensure that you do not activate the 'Accessibility service' for unfamiliar apps. Additionally, cybersecurity experts recommend conducting regular security scans and keeping Google Play Protect enabled consistently.

 

View More
Advertisement
Advertisement
25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Advertisement

Top Headlines

'Rahul Gandhi Has His Opinion, I Have Mine': Supriya Sule Praises Savarkar
'Rahul Gandhi Has His Opinion, I Have Mine': Supriya Sule Praises Savarkar
Rahul Gandhi, Eknath Shinde's Choppers, Bags Checked In Maharashtra
Rahul Gandhi, Eknath Shinde's Choppers, Bags Checked In Maharashtra
'Expired Fire Dousers, Faulty Alarm System': Jhansi Hospital Tragedy Exposes Safety Lapses
'Expired Fire Dousers, Faulty Alarm System': Jhansi Hospital Tragedy Exposes Safety Lapses
Lawrence Bishnoi Plotted Baba Siddique Murder Within 10 Days Of Firing At Salman Khan's House
Lawrence Bishnoi Plotted Baba Siddique Murder Within 10 Days Of Firing At Salman Khan's House
Advertisement
ABP Premium

Videos

Jhansi Medical College Fire: Akhilesh Yadav Slams Yogi Govt, Demands Action as Tragic Fire Claims Lives of 10 NewbornsMaharashtra Elections 2024: Amit Shah Slams LoP Rahul Gandhi Ahead Of Polls | ABP NewsCM Yogi Announces Rs 5 Lakh Compensation for Jhansi Tragedy Victims' Families, Rs 50,000 for the InjuredDelhi Crime: Gunfire Erupts Again in Delhi, Criminals Open Fire in Gokulpuri Area

Photo Gallery

Embed widget