New Chameleon Android Trojan Can Bypass Biometric Security

A brand new variant of the Chameleon Android malware has been discovered in the wild, featuring new characteristics, the most notable of which is the ability to bypass fingerprint locks.
The Chameleon Android banking malware first appeared in early 2023, primarily targeting mobile banking apps in Australia and Poland, but it has since propagated to other countries, including the UK and Italy.
The trojan employs multiple loggers but has limited functionality.
Earlier versions of Chameleon could perform actions on the victim's behalf, allowing those behind the malware to carry out account and device takeover attacks.
Chameleon has usually leveraged the Android Accessibility Service to extract sensitive data from endpoints and mount overlay attacks, ThreatFabric researchers explained.
According to the researchers, the new Chameleon variant's complexity and adaptability have been enhanced, making it a more potent threat in the constantly evolving field of mobile banking trojans.
The new Chameleon variation starts by determining whether the operating system is Android 13 or newer.
If it is, the malware prompts the user to enable accessibility services, even guiding the user through the procedure.
Once completed, the malware is able to perform unauthorised acts on the user's behalf.
While this is a common feature across malware families, what makes this particular aspect intriguing is the ability to disrupt the targeted device's biometric processes and get around fingerprint locks.
The method uses the AccessibilityEvent system-level event for Android and the KeyguardManager application programming interface to determine the screen and keyguard state based on UI changes.
Keyguard is an Android system component that controls security features on devices, including screen lock and authentication mechanisms.
The malware assesses the state of the keyguard in terms of various locking techniques, such as pattern, PIN, or password.
When specific requirements are met, the malware will use the AccessibilityEvent action to switch from biometric to PIN authentication.
This gets around the biometric question, allowing the trojan to unlock the device whenever it wants.
The method is believed to offer those behind the malware with two advantages: the ability to simplify the theft of PINs, passwords, or graphical keys by bypassing biometric data via keylogging functionalities, and the ability to open devices using previously acquired PINs or passwords.


This Cyber News was published on www.cysecurity.news. Publication date: Mon, 25 Dec 2023 14:43:06 +0000


Cyber News related to New Chameleon Android Trojan Can Bypass Biometric Security

Biometric Authentication in Business: Enhancing Security - With its high level of security, convenience, user-friendliness, and accuracy, biometric authentication is paving the way for the future of secure authentication in the business world. One of the primary advantages of implementing biometric ...
9 months ago Securityzap.com
Biometric Security in Educational Environments - Biometric technology has gained significant attention in recent years as a potential solution to enhance security in educational environments. The adoption of biometric security in educational settings raises important privacy and ethical concerns. ...
10 months ago Securityzap.com
Chameleon Android Trojan Offers Biometric Bypass - A new variant of an Android banking Trojan has appeared that can bypass biometric security to break into devices, demonstrating an evolution in the malware that attackers now are wielding against a wider range of victims. Spread through phishing ...
10 months ago Darkreading.com
Biometric Authentication: Advancements and Challenges - Advancements in technology are driving the world of biometric authentication into a realm where one's very being serves as the key to accessing secure systems. The Evolution of Biometric Technology has significantly transformed the landscape of ...
7 months ago Securityzap.com
New Chameleon Android Trojan Can Bypass Biometric Security - A brand new variant of the Chameleon Android malware has been discovered in the wild, featuring new characteristics, the most notable of which is the ability to bypass fingerprint locks. The Chameleon Android banking malware first appeared in early ...
10 months ago Cysecurity.news
Chameleon Android Malware Can Bypass Biometric Security - A new variant of the Chameleon Android banking trojan features new bypass capabilities and has expanded its targeting area, online fraud detection firm ThreatFabric reports. Active since early 2023, the malware initially targeted mobile banking ...
10 months ago Securityweek.com
Interpol Arrests Smuggler With New Biometric Screening Database - In November, Interpol arrested a fugitive smuggler using a new biometric security system it plans to deploy across its 196 member countries. The colorlessly named "Biometric Hub" collates Interpol's existing fingerprint and facial-recognition data ...
11 months ago Darkreading.com
The future of biometrics in a zero trust world - Biometric data obtained from selfies, forged passports and cyberattacks on data stores holding everything from fingerprints to DNA have long been best-sellers on the dark web. Untraceable yet very powerful in allowing attackers to access the most ...
9 months ago Venturebeat.com
UK to replace physical biometric immigration cards with e-visas - By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits and Biometric Residence Cards in a bid to make its borders digital, which is in-line with developed countries like Australia. Presently, ...
8 months ago Bleepingcomputer.com
Android malware and unwanted software statistics for Q1 2024 - Over 389,000 malicious installation packages were detected, of which: 11,729 packages were related to mobile banking Trojans, 1,990 packages were mobile ransomware Trojans. The rapid growth in the total number of attacks between Q2 and Q4 2023 is ...
5 months ago Securelist.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
10 months ago Feeds.dzone.com
What Is Android System WebView and Should You Uninstall It? | Definition from TechTarget - Android developers use WebView when they want to display webpages or Hypertext Markup Language content in a Google app or other application. Android System WebView is a system component for the Android operating system (OS) that enables Android apps ...
1 month ago Techtarget.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
Beware, iPhone Users: iOS GoldDigger Trojan can Steal Face ID and Banking Details - Numerous people pick iPhones over Android phones because they believe iPhones are more secure. This may no longer be the case due to the emergence of a new banking trojan designed explicitly to target iPhone users. According to a detailed report by ...
8 months ago Cysecurity.news
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
8 months ago Esecurityplanet.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
5 months ago Blog.checkpoint.com
First Ever iOS Trojan Steals Facial Recognition Data - A novel, very sophisticated mobile Trojan dubbed GoldPickaxe. iOS that targets iOS users exclusively was discovered to collect facial recognition data, intercept SMS, and gather identity documents. The Asia-Pacific region includes the majority of ...
8 months ago Gbhackers.com
The First 10 Days of a vCISO’S Journey with a New Client - Cyber Defense Magazine - During this period, the vCISO conducts a comprehensive assessment to identify vulnerabilities, engages with key stakeholders to align security efforts with business objectives, and develops a strategic roadmap to prioritize actions and resources. If ...
1 month ago Cyberdefensemagazine.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
8 months ago Cybersecuritynews.com
Konica Minolta Wins Two Platinum 'ASTORS' Homeland Security Awards - ' Now in its ninth year, it continues to recognize industry leaders in physical and border security, cybersecurity, emergency preparedness management and response, law enforcement, first responders, and federal, state, and municipal government ...
7 months ago Americansecuritytoday.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
5 months ago Esecurityplanet.com
Snowblind malware abuses Android security feature to bypass security - A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. Snowblind's goal is to repackage a target app to make them ...
4 months ago Bleepingcomputer.com
Latest Information Security and Hacking Incidents - In recent times, the digital realm has become a battleground where cybercriminals constantly devise new tactics to breach security measures and exploit unsuspecting users. The emergence of the GoldPickaxe Trojan serves as a stark reminder of the ...
8 months ago Cysecurity.news
New Stellar Cyber Alliance to Deliver Email Security for SecOps Teams - Stellar Cyber, a Double Platinum 'ASTORS' Award Champion in the 2023 Homeland Security Awards Program, and the innovator of Open XDR has entered inao a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this ...
8 months ago Americansecuritytoday.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)