What is the Chameleon Trojan?

Dec. 29, 2023

Cybersecurity researchers recently identified a potent variant of the infamous ‘Chameleon Trojan’ malware, posing a substantial risk to Android device users.

About the Chameleon Trojan:

  • It is malware that can disable biometric authentication methods, including fingerprint and face unlock, to covertly access sensitive information.
  • Working:
    • The malware strategically attaches itself to legitimate Android applications, such as the widely used Google Chrome, effectively avoiding immediate detection.
    • Operating discreetly in the background, Chameleon Trojan can disable biometric security measures, specifically targeting PINs.
    • The malware bundles are reportedly undetectable during runtime, enabling them to outsmart Google Protect alerts and circumvent security software on the compromised device.
    • This stealthy approach allows the Trojan to operate unimpeded, evading immediate countermeasures.
    • Its modus operandi varies depending on the Android version.
    • Once active, Chameleon Trojan steals on-screen content, elevates its own permissions, and can even use gestures to capture PINs and passwords entered by users to unlock their devices. 
    • The stolen PIN is then employed to unlock the device in the background, enabling the malware to access sensitive information such as credit card passwords and login credentials.
    • The malware also collects information on users’ app usage habits, launching attacks when the device is least likely to be in use.
  • To safeguard against the Chameleon Trojan, it is crucial to avoid installing Android apps from unofficial sources. Additionally, users should refrain from enabling the 'Accessibility service' for unknown apps.
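
The advice above about the 'Accessibility service' can be checked on a device. This is an added example, not part of the original article: it reads the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i` and lists enabled accessibility services whose package has no trusted installer recorded. The trusted-installer set, the `allowlist` parameter and the sample data are assumptions made for illustration.

```python
# Added example (not from the article): list enabled accessibility services
# whose package was not installed from a trusted store.
# Inputs are the text output of two adb commands run against the device:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: only Google Play is trusted

def enabled_service_packages(setting_value):
    """Package names from the colon-separated 'package/ServiceClass' list."""
    value = setting_value.strip()
    if not value or value == "null":  # setting unset: no services enabled
        return []
    return [comp.split("/", 1)[0] for comp in value.split(":") if comp]

def installers_by_package(pm_output):
    """Map package -> installer package name, or None when none is recorded."""
    result = {}
    for line in pm_output.splitlines():
        fields = line.strip().split()
        if not fields or not fields[0].startswith("package:"):
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer=") and field != "installer=null":
                installer = field[len("installer="):]
        result[fields[0][len("package:"):]] = installer
    return result

def untrusted_accessibility_packages(setting_value, pm_output, allowlist=()):
    """Packages holding an enabled accessibility service without a trusted installer."""
    installers = installers_by_package(pm_output)
    flagged = []
    for pkg in enabled_service_packages(setting_value):
        if pkg in allowlist or installers.get(pkg) in TRUSTED_INSTALLERS:
            continue
        if pkg not in flagged:
            flagged.append(pkg)
    return flagged

# Constructed sample output for illustration; not taken from a real device.
SAMPLE_SETTING = ("com.google.android.marvin.talkback/"
                  "com.google.android.marvin.talkback.TalkBackService:"
                  "com.example.browserupdate/.HelperService")
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.browserupdate  installer=null
package:com.android.chrome  installer=com.android.vending"""

if __name__ == "__main__":
    for pkg in untrusted_accessibility_packages(SAMPLE_SETTING, SAMPLE_PM):
        print("review accessibility access for:", pkg)
```

Preinstalled system apps can also show no recorded installer, so pass packages you have verified through `allowlist` instead of treating every flagged entry as malicious.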