A new variant of malicious software poses a significant threat to our personal data. According to Threat Fabric, the Chameleon malware has surfaced again with an even more advanced version than the one detected in April.
This new iteration is more sophisticated than its predecessor, targeting once again unauthorized access to personal data and potential misuse of that information.
Researchers have identified the malware being distributed through a platform called Zombinder, which discreetly integrates elements into seemingly legitimate applications. As a result, users are often unaware of the presence of the malicious software.
However, the danger lies in the fact that, despite its inconspicuous appearance, the Chameleon is actively operating in the background. This time, it is spreading through the seemingly ordinary Chrome browser, posing a threat to Android 13 and 14 systems.
When installed externally, disguised as a legitimate Chrome application, the malware requests permission for auxiliary services, swiftly bypassing the system’s defenses. Subsequently, the most alarming aspect unfolds: leveraging auxiliary capabilities, the malware disables biometric identification, coercing users to resort to password-based or code-based authentication instead of fingerprint or facial recognition. During the first input, Chameleon stealthily steals the entered data.
The virus can arbitrarily unlock the infected device at any time, but with carefully crafted methods, it can silently inflict substantial damage in the background, as it essentially gains access to almost anything on the device. Experts recommend installing applications only from the Play Store to prevent such issues.