Chameleon : a new Android malware

? Malware is a malicious computer program that can infect computers, smartphones, tablets, and other internet-connected devices. Malware can cause a lot of damage, such as deleting files, stealing personal information, or blocking access to data.

?? Chameleon is a new banking malware that was discovered by researchers at cybersecurity firm Cyble. It has been rampant on Android since the beginning of the year and targets users in Australia and Poland, as well as users of the cryptocurrency service CoinSpot. This malware masquerades as legitimate applications such as CoinSpot, Google Chrome, Bitcoin or ChatGPT.

It is capable of recording keystrokes, overlaying itself with other apps, stealing cookies and lock screen codes, as well as reading SMS messages to retrieve two-factor authentication codes.

Chameleon leverages Android's accessibility services to gain the necessary permissions, disable Google Play Protect, ?and block its own uninstallation.?

Although this malware is not yet present on Google's Play Store, it can be distributed through compromised websites, attachments ?on Discord or hosted on Bitbucket. Researchers fear that Chameleon could evolve further and pose a serious threat in the future.

?? To protect against banking malware attacks like Chameleon, it is recommended to follow some best practices.

First of all, it is important to avoid downloading apps from unofficial or untrustworthy websites. In addition, it is essential ?to regularly update applications and the operating system to fix security vulnerabilities ?and known vulnerabilities. ?Using a mobile security solution can also help detect and prevent malware, as well as protect personal data. Finally, it is recommended not to click on links or attachments from unknown or suspicious sources

By following these recommendations, users can significantly reduce the chances of infection with banking malware like Chameleon.

?

?