Chameleon Android malware can now bypass fingerprint security to steal info

Chameleon has new powers to ignore fingerprints and force PIN security to hack banking and crypto apps.

As technology grows daily, so does malware and one among many can now get around one of the toughest security measures on Android. This is the Chameleon malware, known for hiding quietly inside a device while stealing information.

Chameleon was first detected earlier this year and only known to affect users in Australia and Poland. At that time, the malware only had limited capabilities and could be countered by some mobile security measures.

However, the malware evolved into something more dangerous because it could now bypass one of the strongest mobile security measures – the fingerprint biometric. This biometric is higher than PIN and some apps, services, or mobile functions limit access to fingerprint permission only.

How Chameleon Bypasses Fingerprint Security

At ThreatFabric, researchers identified two new powers of Chameleon. First, it now has an extended reach after it was found in Italy and the UK. It means that the malware can grow to reach even more territories.

Second, it can now bypass fingerprint security by forcing the use of PIN. The malware utilizes the KeyguardManager API and AccessibilityEvent to check security measures, and then deploys the AccessibilityEvent to favor PIN authorization. This is major because a user may not realize that an attack is happening since the PIN still works.

What Does Chameleon Do?

Once it takes control of the device, it can easily gather user information to log in banking and crypto apps. Threat actors can steal data from those apps, leaving users confused as to what happened despite security measures in place.

How to Counter Chameleon?

Never download apps from third-party sources. Always download your apps from the Google Play Store.

According to a report, the Play Store’s Play Protect security feature protects Android users from the Chameleon malware.

In case you get apps elsewhere, Chameleon typically conceals itself as a harmless Chrome browser. This poser includes “com.busy.lady” in their package when inspected closely.

If you can’t get rid of that, you may need to reset your phone completely to restore the factory apps that came with your device. You may use antivirus apps and see if they can work on this elusive malware.


Xiaomi 14 Full Review: Pioneering new legacy in mobile photography
This content is password protected. To view it please enter your password below: Password:
Read More
HUAWEI MatePad 11.5” PaperMatte Edition: Transcending work and play with PC-level, paperless experience
Find out what this MatePad offers to office workers, students, and artists in this unboxing and first...
Read More
Chinese university students pave the way with Calcium-based battery development
A team of visionary researchers at Fudan University in Shanghai, China, has achieved a groundbreaking...
Read More

Your compare list