Chameleon Android Malware Upgrades: Stealing PINs and Disabling Fingerprint Unlock

The infamous Chameleon Android malware just got a sinister upgrade, giving attackers the power to disable your fingerprint unlock and snatch up your PIN codes, as reported by cybersecurity whizzes at ThreatFabric.

Chameleon, like its shady malware buddies, plays dirty with the Android Accessibility Service, pilfering sensitive info and launching overlay attacks. Now, its latest version packs two nasty surprises. First, it can pull off Device Takeover (DTO) fraud. Second, it can smoothly transition your lock screen from fancy biometrics to a good ol’ PIN.

For its first trick, the malware checks if your OS is the snazzy Android 13 or newer. If it is, it sweet-talks you into turning on accessibility services, guiding you through the process. Once that’s done, it runs amok, doing unauthorized stuff on your device.

Now, for the grand finale – stealing your PIN codes. Chameleon taps into Android APIs to slyly switch your lock screen authentication to a PIN. Of course, it needs you to grant access to accessibility services for this dark magic to work.

ThreatFabric’s experts warn that this upgraded Chameleon is flexing its muscles beyond its initial Aussie and Polish stomping grounds, now spreading its wings to places like the UK and Italy. It’s like the malware world’s version of a supervillain leveling up – more resilient, more features, and definitely not good news for Android users.