Security News > 2023 > April > New Chameleon Android malware mimics bank, govt, and crypto apps
A new Android trojan called 'Chameleon' has been targeting users in Australia and Poland since the start of the year, mimicking the CoinSpot cryptocurrency exchange, an Australian government agency, and the IKO bank.
The mobile malware was discovered by cybersecurity firm Cyble, which reports seeing distribution through compromised websites, Discord attachments, and Bitbucket hosting services.
Chameleon includes a wide range of malicious functionality, including stealing user credentials through overlay injections and keylogging, cookies, and SMS texts from the infected device.
If the environment appears clean, the infection continues, and Chameleon requests the victim to permit it to use the Accessibility Service, which it abuses to grant itself additional permissions, disable Google Play Protect, and stop the user from uninstalling it.
At first connection with the C2, Chameleon sends the device version, model, root status, country, and precise location, probably to profile the new infection.
Chameleon is an emerging threat that may add more features and capabilities in future versions.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware (source)
- SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- GrassCall malware campaign drains crypto wallets via fake job interviews (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- BadBox malware disrupted on 500K infected Android devices (source)