Cybersecurity specialists at ThreatFabric recently unveiled an advanced iteration of the Chameleon Android virus, exhibiting heightened danger by bypassing biometric security measures on smartphones and tablets.
Disguised as Popular Apps
The virus adopts the guise of prominent applications, often camouflaged within installation files of widely-used platforms such as Google Chrome. While initially targeting users in Poland and Australia, recent activity indicates a shift towards Italy and the UK, posing a risk to any Android user who unwittingly installs the malicious program.
Enhanced Capabilities Pose Greater Risk
Originally detected in early 2023, the virus primarily focused on infiltrating banking and cryptocurrency applications. However, continuous modifications led to the addition of a feature enabling the disabling of biometric protections on infected devices. Upon installation, victims encounter an HTML page prompting them to enable accessibility settings, enabling attackers to bypass security measures, including fingerprint unlocking. This facilitates the theft of PINs and potentially other passwords, notes NIXSolutions.
According to experts, these enhancements significantly elevate the sophistication and adaptability of this new Chameleon version, intensifying its threat in the dynamic landscape of mobile banking Trojans.