Chameleon Trojan : Malware
Cybersecurity researchers recently identified a potent variant of the infamous ‘Chameleon Trojan’ malware, posing a substantial risk to Android device users.
- Chameleon Trojan is a malware that has the ability to disable biometric authentication methods, including fingerprint and face unlock, to sneakily access sensitive information.
- The malware strategically attaches itself to legitimate Android applications, such as the widely used Google Chrome, effectively avoiding immediate detection.
- Operating discreetly in the background, Chameleon Trojan can disable biometric security measures, specifically targeting PINs.
- The malware bundles are reportedly undetectable during runtime, enabling it to outsmart Google Protect alerts and circumvent security software on the compromised device.
- This approach allows the Trojan to operate without any worries, evading immediate countermeasures.
- Once active, Chameleon Trojan steals on-screen content, elevates its own permissions, and can even use gestures to capture PINs and passwords entered by users to unlock their devices.
- The stolen PIN is then employed to unlock the device in the background, enabling the malware to access sensitive information such as credit card passwords and login credentials.
- The malware also collects information on users’ app usage habits, launching attacks when the device is least likely to be in use.