Security News > 2023 > December > Android malware Chameleon disables Fingerprint Unlock to steal PINs
The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices - disable fingerprint and face unlock to steal device PINs.
It does this by using an HTML page trick to acquire access to the Accessibility service and a method to disrupt biometric operations to steal PINs and unlock the device at will.
Zombinder "Glues" malware to legitimate Android apps so that victims can enjoy the full functionality of the app they intended to install, making it less likely to suspect that dangerous code is running in the background.
The first new feature seen in the latest Chameleon variant is the ability to display an HTML page on devices running Android 13 and later, prompting victims to give the app permission to use the Accessibility service.
The malware captures any PINs and passwords the victim enters to unlock their device and can later use them to unlock the device at will to perform malicious activities hidden from view.
Cybercrime service bypasses Android security to install malware.
News URL
Related news
- New Medusa malware variants target Android users in seven countries (source)
- Snowblind malware abuses Android security feature to bypass security (source)
- Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes (source)
- SMS Stealer malware targeting Android users: Over 105,000 samples identified (source)
- New Android malware wipes your device after draining bank accounts (source)
- Week in review: VMware ESXi zero-day exploited, SMS Stealer malware targeting Android users (source)
- New LianSpy malware hides by blocking Android security feature (source)