A recently discovered a variant of the "Chameleon Trojan" malware, as identified by security researchers, has been found to the capability to deactivate biometric authentication methods such as fingerprint and face unlock, and can disable the PIN of your phone. According to a recent report by Bleeping Computer, the creators of the malware assert that bundles of the Cameleon Trojan are invisible during runtime, enabling them to circumvent Google Protect alerts and evade detection by security software operating on the device.


As per cybersecurity firm ThreatFabric, which is monitoring the malware since its identification earlier this year, the Cameleon Trojan integrates with authentic Android apps such as Google Chrome to avoid detection, executing its code surreptitiously in the background. Upon infecting your device, Chameleon Trojan employs strategies for unauthorized access. On Android 13 and subsequent versions, it deceives users through a counterfeit HTML page, prompting them to activate the "Accessibility" service.


This grants access to on-screen content, additional permissions, and gesture control. This enables the trojan to circumvent the security mechanisms of the device. The malware also has the potential to steal your banking details, putting your sensitive financial information at risk and resulting in significant financial repercussions. Chameleon Trojan also has the ability to seize control of your devices by utilizing highjacked PINs and passwords, granting unrestricted access. This facilitates unauthorized transactions and the theft of sensitive data, essentially handing over control of your digital devices to malicious actors.


The Chameleon Trojan steals on-screen content, elevates its permissions, and utilizes gestures to capture any PINs and passwords entered by users for device unlocking. Subsequently, the trojan employs the stolen PIN to clandestinely unlock the device, enabling the theft of more sensitive information such as credit card passwords and login credentials.


According to security researchers, the malware gathers data on app usage patterns to ascertain when the user is actively utilizing their device, strategically launching attacks during periods when usage is least anticipated.


How To Protect Yourself From Chameleon Trojan


To safeguard against the Chameleon Trojan, refrain from installing Android apps from unofficial sources, and ensure that you do not activate the 'Accessibility service' for unfamiliar apps. Additionally, cybersecurity experts recommend conducting regular security scans and keeping Google Play Protect enabled consistently.