Improved capabilities and expanded targeting have been integrated into the new version of the Chameleon Android banking trojan, according to The Hacker News.
Chameleon's operators have updated the malware to exploit Accessibility Services in a bid to facilitate Device Takeover fraud on devices running on Android 13 and later, while leveraging Android APIs to evade biometric authentication, a ThreatFabric report revealed. While Chameleon was previously reported to target Australia- and Poland-based users, the updated iteration has also set sights on users in Italy and the UK, noted researchers, who identified malware-distributing artifacts to spoof Google Chrome. "The emergence of the new Chameleon banking trojan is another example of the sophisticated and adaptive threat landscape within the Android ecosystem. Evolving from its earlier iteration, this variant demonstrates increased resilience and advanced new features," said ThreatFabric. Such findings follow a Zimperium report detailing nearly 30 malware families across almost 2,000 banking apps this year.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news