A new threat is targeting Android users who use banking and financial apps on their phones. The threat is a malware called Chameleon, which can bypass security features and steal money from unsuspecting victims. Chameleon was first detected in early 2021 and has been evolving ever since. It disguises itself as a legitimate app and asks for permissions from the user. Once it gets access to the phone, it can spy on the user’s activity and capture credentials.
One of the most dangerous features of Chameleon is that it can override the “restricted setting feature” that was introduced in Android 13. This feature allows the user to control which apps can access certain features and settings on the phone. However, Chameleon can trick the user into giving it permission to use the “restricted setting feature” without their consent. This way, Chameleon can disable biometric security features such as facial recognition and fingerprint scanners and take over the phone.
Chameleon uses a fake lock screen to get your PIN and access your banking apps
The main goal of Chameleon is to steal money from the user’s bank account. To do this, it displays a fake lock screen that asks the user to enter their PIN. Chameleon records the PIN and uses it to unlock the phone and access the user’s banking and financial apps. It can also collect other personal information from the phone. Chameleon can then transfer money to the attackers’ accounts or buy goods online without the user’s knowledge.
According to The New York Post, Chameleon has a new and “improved” version that can open an HTML webpage on the phone. This webpage asks the user to change their accessibility settings, which Chameleon can then abuse to gain more control over the phone. The user may not even notice that anything is wrong, as Chameleon can hide itself behind regular apps that are not infected by the malware.
Chameleon can also use a platform called Zombinder to attach itself to other apps. Zombinder can schedule tasks for Chameleon, such as activating the malware when the user is not using the phone. This makes it harder for the user to detect and stop the attack.
How to protect yourself from Chameleon and other malware
The best way to protect yourself from Chameleon and other malware is to avoid downloading apps from third-party app stores. Only use the Google Play Store or the Samsung Galaxy Store if you have a Galaxy device. Also, make sure that your phone is running the latest version of Android and install any updates that are available.
If you suspect that your phone is infected by Chameleon, you should change the passwords to all of your apps, especially the financial ones. However, do not use the infected phone to do this. Use a trusted device such as your computer. Use strong and unique passwords for each app. Also, check your online accounts and look for any unusual activity. You should also check your credit reports for any signs of identity theft or fraud.
If you find out that your banking and credit card information have been compromised by Chameleon, you should contact your banks and credit card companies immediately. Inform them of the situation and ask them to freeze your accounts and issue new cards. You should also warn your contacts about any messages from you that seem strange or suspicious.
You can also try to remove any traces of malware from your phone by performing a factory reset. This will erase all the data and settings from your phone and restore it to its original state. However, before you do this, make sure that you have backed up your phone and restored it using a trusted device only. A factory reset may not be a pleasant option, but it could help you prevent further damage from Chameleon.