Watch out - this devious new Android malware impersonates banks and governments to trick you out of your crypto
Date:
Tue, 18 Apr 2023 15:11:42 +0000
Description:
Newly discovered Android malware poses as different apps as it steals passwords and MFA codes in the background.
FULL STORY ======================================================================
Cybersecurity researchers have recently discovered a new malware for Android that successfully mimics different kinds of mobile applications - from
banking apps, to crypto exchange apps, to government apps.
Chameleon was discovered by researchers from Cyble, who observed hackers distributing the malware through compromised websites, Discord channels, and Bitbucket hosting services.
The tool sports a number of different functionalities, all of which amount to information stealing. Profiling the target
Once downloaded, the malware will first analyze the device to see if its in a honeypot. It will scan the phone to see if its rooted and if debugging is activated, as these are usual signals of an analysts environment. Once that test is passed, it will ask for Accessibility Service permissions - which is
a huge red flag. Its usually malware that asks for this kind of permission as they allow it to run rampant across the endpoint.
The next step is to establish a connection with its Command & Control (C2) server, and send the basic device information: version, model, root status, country, and precise location. After that, it will start loading different malicious modules to the device, including a cookie stealer, a keylogger, a phishing pages injector, a grabber for PIN codes and patterns, and an SMS stealer. These modules allow the malware to grab passwords and multi-factor authentication codes which can later be used for identity theft . Read more
This dangerous Android malware is seeing a huge rise in infections
Dangerous new 'Hook' Android malware lets hackers remotely control your
phone
Check out the best firewall tools right now
While all of this might sound like much, researchers are adding that
Chameleon is an emerging threat, and as such is likely to get additional features in the comping weeks.
To stay safe, Android users should first make sure not to download apps from suspicious sources and instead grab apps only from official stores. Furthermore, they should enable Google Play Protect, as the first line of defense. An Android antivirus program wouldnt hurt, either. Here are the best firewalls today
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/watch-out-this-devious-new-android-malware-impe rsonates-banks-governments-to-trick-you-out-of-your-crypto
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)