Chameleon, the Android malware that can steal banking access

MEXICO CITY.- At the beginning of 2023, the Chameleon trojan set off alarm bells among cybersecurity experts. Living up to its name, this malware stood out for its adaptability in infiltrating the Android operating system. At the time, it operated in Austria and Poland and targeted banking applications. However, researchers have now identified a new variant with greater capacity to harm users.

How does the new Chameleon malware variant operate?

An investigation carried out by the cybersecurity company Threat Fabric revealed an evolved variant of the Chameleon banking trojan with new tactics and advanced capabilities. Threat Fabric first discovered this malware in January 2023.

The earlier version could imitate banking applications, government institutions, and cryptocurrency services through phishing pages. The trojan could steal cookies, intercept SMS messages, collect contacts, and access files and geographic location, among other things. As the cybersecurity company predicted, an evolved version of Chameleon has emerged, which has also registered attacks in the United Kingdom and Italy.

How does Chameleon malware infect your device?

Like the original malware, this update is distributed through the Zombie service. It also includes more advanced features, such as posing as Google Chrome apps. According to Threat Fabric, this Chameleon variant is more sophisticated and more adaptable. Because it imitates the original apps, users do not suspect that it is a fake. It also manages to bypass several security measures. On Android 13 devices, which have stricter permissions, it usually displays an HTML page asking the user to enable the accessibility service, which then allows malicious files to be executed.

Disabling biometric access

Another of Chameleon's advanced functions that worries cybersecurity experts is the way it can bypass a phone's biometric access. Through a series of commands and actions, this new variant bypasses biometric authentication and instead forces a fallback to the PIN, pattern or password, which it captures through keylogging, to unlock the device.

According to Threat Fabric, this feature allows cybercriminals to steal authentication credentials such as the PIN or password. Additionally, this data helps them access other devices. However, the company notes that the attackers cannot obtain users' biometric data, so they are limited to other types of credentials such as the PIN.

2024-04-16 10:59:19
