Scientists have alarmed Android device owners as a new version of the malware that poses a serious threat to the security of Android devices has been discovered, named ‘Chameleon Trojan’. This malware has the ability to disable biometric authentication methods, such as fingerprint and face unlock, in order to steal the phone’s PIN.
The Chameleon Trojan disguises itself by attaching to legitimate Android apps like Google Chrome, making it harder to detect. Once infiltrated, the malware operates in the background, avoiding notice. According to cybersecurity company ThreatFabric, which has been monitoring the malware since its discovery earlier this year, the threat actors behind Chameleon Trojan claim that its bundles are practically undetectable during runtime. This allows the malware to bypass Google Protect alerts and security software on the device.
Once active, Chameleon Trojan steals on-screen content, elevates its own permissions, and can even use gestures to capture PINs and passwords entered by users to unlock their devices. The stolen PIN is then employed to unlock the device in the background, enabling the malware to access sensitive information such as credit card passwords and login credentials.
Researchers have also noted that the malware collects information on users’ app usage habits, launching attacks when the device is least likely to be in use. To protect against Chameleon Trojan, experts recommend refraining from installing Android apps from unofficial sources, avoiding enabling the ‘Accessibility service’ for unknown apps, and regularly running security scans. It is also crucial to keep Google Play Protect enabled at all times to enhance device security. By adopting these measures, users can reduce the risk of falling victim to the Chameleon Trojan and similar threats.