A new strain of Chameleon malware is spreading online that disables desktop unlocking on Android smartphones by using a fingerprint or face to steal PIN codes and other passwords. In this respect reports The BleepingComputer post cites a new report from information security experts at ThreatFabric.
Chameleon is distributed with the installation file of the Google Chrome browser. Attackers are using the Zombinder service, popular on the darknet, to attach malware to a legitimate version of Chrome. Zombinder inserts malicious pieces into the code of regular programs, making them harder to detect.
Once inside the smartphone, Chameleon causes disruptions in biometric unlocking services. The bug forces users to unlock the device by entering a PIN code. The malware records this combination and then uses it in the background to unlock the smartphone without the owner’s knowledge.
The chameleon can remain inactive for a long time and then suddenly remove the block and independently write off funds through the banking application. Chameleon is also used to steal passwords from other services as well as confidential data.
To protect against the new virus, Threat Fabric experts recommend activating the Play Protection function in Google Play and not downloading installation files for Android applications.
Russians before reported To clear the money when you restart your iPhone.