New Android trojan Chameleon detected, can mimic banking, Crypto apps

With more than three billion active devices active, Android commands more than 75 per cent market share. However, it also attracts a lot of attention from cyber criminals to prey on naive users.

In the latest instance, bad actors have created a new trojan malware variant- Chameleon that can mimic banking and crypto wallet apps, reported Cyble Research & Intelligence Labs (CRIL).

As the name implies, Chameleon is good at impersonating known bank apps and also avoids detection by the Google Play Protection system too.

It is also capable of overriding system permission to track keylogging (enough to record user IDs and passwords), SMS harvesting (to steal OTPs), cookies (user data of frequently visited websites), and prevent uninstallation.

For now, the malware is said to be limited to Australia and Poland regions, but there is a risk of this trojan spreading to other global regions.

So, Android phone users are advised to download apps only from Google Play Store and never from any third-party store or unknown websites.

Whenever Google or the Android phone maker rolls out any security patch, please download and install them as soon as they are released.

And, it is also good practice to install anti-virus apps from reputed cyber security companies, which offer a second layer of security over the native Google Play protection system.

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.