Chameleon, a malware that unlocks your mobile

This is Chameleon, a malware that unlocks your mobile

Malware on Android has become an increasingly real danger. We recently told you about 13 apps that you should delete from your phone as soon as possible. Today it is the turn of Chameleon, a malware that unlocks your mobile.

We are talking about one of the most dangerous malware families that currently exists and that can infect your phone. At the moment it mainly attacks the United Kingdom and Italy. But Chameleon will not take long to reach other countries, including Spain.


ThreatFabric cybersecurity researchers have discovered an updated version of the Android banking malware called Chameleon, which has expanded its targets to include users in the United Kingdom and Italy.

"Representing a restructured and improved iteration of its predecessor, this evolved variant of Chameleon excels in executing Device Takeover (DTO) using the accessibility service, while expanding its target region," said Dutch mobile security firm ThreatFabric in a recent report.

The Chameleon banking trojan first appeared in January 2023, employing various distribution methods to infiltrate the Android ecosystem, with a specific focus on users in Australia and Poland.

The reason it is called "Chameleon" makes perfect sense: this Trojan shows its adaptability through multiple new commands, including examining application package names.

Its main targets are mobile banking applications, and it is distributed through phishing pages on which it disguises itself as a legitimate application. This banking Trojan displayed a distinctive ability to manipulate a victim's device, executing actions on the victim's behalf through a proxy feature. This feature enables advanced maneuvers such as Account Takeover (ATO) and Device Takeover (DTO) attacks, particularly targeting banking applications and cryptocurrency services.

Leaving the technical details aside, Chameleon is a malware capable of manipulating the device of its victims. For example, once it infects your phone, it can unlock it and read the confirmation messages from your bank while your account is being emptied. This is not exactly a trivial problem.

Furthermore, Chameleon lives up to its name: its ability to improve is beginning to worry computer security experts. The latest version detected in the United Kingdom has surprised researchers with two new capabilities: the ability to bypass biometric authentication prompts, and the ability to display an HTML page that guides the user into enabling the accessibility service on devices that implement the "Restricted Settings" feature of Android 13.

In other words, it is capable of circumventing the most complete protection systems, which positions it as one of the most powerful banking Trojans discovered.

And unfortunately, these types of attacks are not going to stop increasing. And the reason is as simple as it is devastating: 90% of Internet scam cases remain unsolved. By knowing how to use a VPN you already make things difficult for the police. Let's not talk about white-collar thieves who know how to hide their tracks so that they are untraceable.

So the best thing you can do is be careful and follow the advice we leave you below so that you know how to prevent Chameleon from giving you more than one headache. With a little common sense, you can avoid today's most dangerous malware or banking trojan.

How can I get infected with Chameleon?


Don't worry, it's not that easy to suffer a Chameleon attack. To be infected, you have to install an app that hides this Trojan. Fraudulent applications containing the previous version were hosted on phishing sites.

For example, they impersonated genuine institutions, such as the Australian Taxation Office (ATO) and a cryptocurrency trading platform called CoinSpot, in an attempt to steal credentials.

So, as you can see, the only way to get infected with this dangerous Android malware would be to download an app outside of Google Play. Under no circumstances should you download an APK file from a dubious site. Beyond APKMirror and little else, don't trust anyone.

And if your government, postal agency or whoever asks you to download an app that is not on Google Play, ignore that website as it is a scam. Always download from the Google app store.

Very simple tips to follow that will prevent you from more than one unnecessary scare.
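The two conditions described above, an app installed from outside Google Play that also holds the accessibility service, can be checked on a device connected over adb. The following is an added example, not code from ThreatFabric or the original article; the package names and sample outputs are constructed, and the list of trusted installers is an assumption to adapt.

```python
# Added example. Inputs are the text output of these adb commands:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i   (all packages with installer)
#   adb shell pm list packages -s   (preinstalled system packages)
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; assumption

def accessibility_packages(settings_output):
    """Packages that own an enabled accessibility service."""
    text = settings_output.strip()
    if not text or text == "null":  # "null" means nothing is enabled
        return set()
    # The value is a colon-separated list of package/ServiceClass entries.
    return {c.split("/", 1)[0] for c in text.split(":") if c}

def parse_pm_list(pm_output):
    """Map package name -> installer, or None when no installer is recorded."""
    packages = {}
    for line in pm_output.splitlines():
        fields = line.strip().split()
        if not fields or not fields[0].startswith("package:"):
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer=") and field != "installer=null":
                installer = field[len("installer="):] or None
        packages[fields[0][len("package:"):]] = installer
    return packages

def flag_sideloaded_accessibility(settings_output, pm_all, pm_system):
    """Return (package, installer) for accessibility apps not from a trusted store."""
    installers = parse_pm_list(pm_all)
    system = set(parse_pm_list(pm_system))
    findings = []
    for pkg in sorted(accessibility_packages(settings_output)):
        if pkg in system:
            continue  # shipped with the device image, e.g. a screen reader
        if installers.get(pkg) not in TRUSTED_INSTALLERS:
            findings.append((pkg, installers.get(pkg)))
    return findings

# Constructed sample output (hypothetical package names).
SAMPLE_SETTINGS = ("com.example.screenreader/.ReaderService:"
                   "com.example.passmanager/.FillService:"
                   "com.example.browserupdate/com.example.browserupdate.Svc")
SAMPLE_PM_ALL = """package:com.example.screenreader  installer=null
package:com.example.passmanager  installer=com.android.vending
package:com.example.browserupdate  installer=com.google.android.packageinstaller
"""
SAMPLE_PM_SYSTEM = "package:com.example.screenreader\n"
```

A flagged package is a lead for manual review, not proof of infection, and an empty result does not prove the device is clean.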

What to do if I have been a victim of Chameleon


If you have fallen into the trap and installed an app carrying Chameleon by mistake, follow these tips from INCIBE, the Spanish security agency:

  • Change your passwords: If you provided login information, change your passwords immediately. It's also important to change the passwords for any other accounts that use the same login information.
  • Contact your bank or financial institution: If you provided banking information, such as credit card numbers or a signature key, it is important that you contact your bank as soon as possible to inform them of the incident and take steps to protect your account.
  • Scan your device: If you clicked on a link or downloaded a file, scan your device with an antivirus for malware or viruses.

You should also regularly monitor what information about you is circulating on the Internet to detect if your private data is being used without your consent. Practicing egosurfing will allow you to control what information there is about you on the Internet. Exercise your rights if you find any data being offered without your consent. Our tutorial on how to sign up for the Robinson list will help you.

Lastly, share your experience with friends and family to help them avoid falling into a similar trap. You can also share information on social networks to educate more people about the dangers of phishing.

