Accessibility links

Facebook   X   LinkedIn   Email

Chameleon Malware Changes Its Colors Again

September 25, 2024

Android malware is constantly advancing and acquiring new frightening capabilities. Chameleon is the name of a trojan that was designed to infiltrate Android Operating Systems. This program can obtain data, with a particular focus on financial information, and carry out numerous other malicious activities; none that are in your favor.

Even more worrying is that the Chameleon Android malware received an upgrade making it new and improved from that of its former self. It is different from previous versions in that it uses a sophisticated technique to access and compromise devices. The changes include Device Takeovers (new term alert: DTO) and granting attackers the ability to bypass device biometric authentication. That sure is malware changing its colors!

The updated Chameleon malware infects Android devices with an OS 13 or newer versions pretending to be legitimate browsers like Chrome or cryptocurrency apps, banking apps, ChatGPT, and other popular apps.

The Trojan works by first scanning your device to check whether it is Android version 13 or higher. It then will initiate loading of an HTML page and guide the user through a process enable the accessibility service, per ThreatFabric’s researchers.

After that, it has necessary permissions to enable it to carry out unsanctioned actions like blocking its uninstallation. Once it’s there, you’re stuck with it. Chameleon will ultimately disable the biometric authentication capability and steal the associated PIN, allowing the malware to access the phone as needed with the stolen information.

The upgraded Chameleon Android malware version has extended its reach from unsuspecting users from Poland and Australia to other regions, such as Italy and the UK. It’s on its way to the U.S. as well.

So, be very wary when downloading programs from third-party sources. Get them from the official app stores for whichever device you have. And update your apps as soon as you see that red dot on your app screen. Not only will it help protect you from malware like this, but it’ll make that dot go away!


Phony Voicemail Links Steal Employee Credentials From Office 365 And Outlook Users

Scams & Phishing

Phony Voicemail Links Steal Employee Credentials From Office 365 And Outlook Users

Most of us know phishing emails and fake texts are a hacker’s calling card for stealing valuable PII. But recently, researchers at Zscaler cloud security sounded the alarm about an unusual malware campaign using voicemail-themed email phishing as the primary hook for cyberattacks. It’s only after Zscaler fell victim to this campaign that the company felt compelled to study it further. Zscaler finds this cybercrime targets employees in the U.S. using Microsoft Office 365 and the Outlook email service. READ FULL STORY
WhatsApp Worm Spreads To Other Apps, Malware Hides in .BMP Images

Scams & Phishing

WhatsApp Worm Spreads To Other Apps, Malware Hides in .BMP Images

It’s a cyber jungle out there. It’s a sort of “survival of the fittest” and those in-the-know can help keep themselves from becoming a casualty of these cybercrimes. An investigation by Malwarebytes found that cybercriminals are now circulating malware via bitmap (.bmp) images to add to the ever increasing list of file types that can no longer be trusted, such as .doc, .xls, and .exe. Now, even clicking that funny cat picture may leave our devices infested with dangerous worms, Trojans, and perhaps ransomware. READ FULL STORY
BOLO for These Most Dangerous Email Attachments

Scams & Phishing

BOLO for These Most Dangerous Email Attachments

Keeping a lookout for suspicious emails has become a daily consequence of our cyber lives. Phishing emails are notorious for having malicious attachments and opening them is a sure way to compromise your device and its data. These attachments are full of malware, ready and waiting to infect your system with a simple click. Make no mistake, any attachment in a questionable email can be dangerous. However, researchers at F-Secure found that some of this year’s biggest email spam campaigns used particular types of malicious attachments more than others. READ FULL STORY
Carbanak Is Back! Ransomware Group Reinvents Itself

Corporate Security

Carbanak Is Back! Ransomware Group Reinvents Itself

Since the arrest of Carbanak's leader five years ago, the notorious ransomware group is back with a vengeance. The Carbanak ransomware syndicate gained notoriety as a highly effective cybercrime ring targeting financial and banking institutions worldwide. And now, the group has reinvented its method of attacks to reemerge as yet another force to be reckoned with. The group recently shifted their ransomware attacks from financial targets to posing as business software like HubSpot and Xero on compromised websites. READ FULL STORY
Gootloader Grazes Legitimate Websites For Victims

Your Security

Gootloader Grazes Legitimate Websites For Victims

When it comes to damaging malware, Gootloader has made a name for itself. This is largely due to the impact it can have on some of the largest businesses in the world. But don’t think for even a second that it can only affect large companies. Any sized organization can fall victim to this or any other type of malware. Recently, it’s been law and accounting firms that are those targets. Gootloader is a Javascript-based framework that has been used to steal sensitive data in the past. READ FULL STORY