The Chameleon Android banking trojan has a new version which can disable fingerprint and face unlock to steal device PINs. Earlier versions impersonated Australian government agencies, banks and cryptocurrency exchanges. Currently distributed via the Zombinder service that hides malware in legitimate apps, it poses as Google Chrome. The new features help it bypass security features of Android 13 and newer. It prompts victims to enable Accessibility and then uses this to force a fallback to PIN or password authentication, capturing these to unlock the device.
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some
