Security News > 2023 > December > Android malware Chameleon disables Fingerprint Unlock to steal PINs
The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices - disable fingerprint and face unlock to steal device PINs.
It does this by using an HTML page trick to acquire access to the Accessibility service and a method to disrupt biometric operations to steal PINs and unlock the device at will.
Zombinder "Glues" malware to legitimate Android apps so that victims can enjoy the full functionality of the app they intended to install, making it less likely to suspect that dangerous code is running in the background.
The first new feature seen in the latest Chameleon variant is the ability to display an HTML page on devices running Android 13 and later, prompting victims to give the app permission to use the Accessibility service.
The malware captures any PINs and passwords the victim enters to unlock their device and can later use them to unlock the device at will to perform malicious activities hidden from view.
Cybercrime service bypasses Android security to install malware.
News URL
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)