A new, more dangerous version of the Chameleon virus has been discovered, which is capable of remotely controlling a mobile phone to steal its data.
Right now, many people use their cell phones every day in Spain for quite important tasks, such as carrying out banking operations, answering work emails or even controlling the lights and cameras at home using home automation. This makes them devices susceptible to attracting the interest of cybercriminals.
Just as there is a type of malware dedicated to displaying ads, not all of them are so benevolent, and there are other types of viruses capable of doing much worse things for the user. Chameleon is one of them, and looks for obtain the banking details of the users it affects.
It does this using accessibility services and, now, it has been discovered that a new evolution of this can change the unlocking method so that it is a PIN that can be stolen from the user to control their mobile phone remotely. This way, you can do and undo as you please.
Very dangerous malware
Chameleon is a type of virus that enters Android devices camouflaged as a normal application, making it difficult to detect. Of course, it only happens when apps are downloaded from untrusted sources, since Google Play carries out an analysis of all the apps that are installed on the device to verify that they are trustworthy.
This new version will scan the Android version of the device, and if it is Android 13 or higher, as stated HackerNews, will make the user activate accessibility services by tricking them, since he thinks he is looking at a reliable app. When this has been done, it will silently change the unlocking mechanism to be a PIN that you can hijack.
With this code, cybercriminals are able to unlock and control the mobile phone remotely, so they could access both banking applications and online storeswith the great risk that this entails for the wallet of the person affected by this malware.
The best way to prevent it from ending up on your mobile or tablet is not to download applications that may be compromised from untrustworthy sources or that promise to offer a service that is normally paid for completely free of charge.
