The malware known as Chameleon in Android devices disables the fingerprint or face unlock feature and uses your stolen personal identification number (PIN), according to TechRadar.
According to cybersecurity researchers from ThreatFabric Lab, this malicious program has evolved to give attackers the ability to disable the fingerprint unlock feature and steal users' personal identification code.
Chameleon is similar to other banking malware that exploits a flaw in Android's access service to steal sensitive information and launch sophisticated attacks.
This new version comes with two notable changes: the ability to hijack the PIN on the device, and the ability to change the lock screen to use the PIN you captured instead of the face or fingerprint feature.
With the first new capability, the malware will first scan to see if the operating system is Android 13 or later. If so, the user will be prompted to turn on accessibility services, will even guide them through the process, and once completed, perform unauthorized actions on the user's behalf.
Theft of personal identification (PIN) codes
“Upon receiving confirmation of the presence of Android 13 settings on the affected device, the banking malware begins loading an HTML page,” ThreatFabric researchers said, adding that the page “guides users through a manual, step-by-step process to enable the version access service.” Latest on Android 13".
With the second new capability, the chameleon program will use Android APIs to quietly change the lock screen authentication mechanism to a PIN, to allow malware to unlock the phone without the user knowing. For this feature to work, accessibility services must also be granted.
“The new version of the Chameleon program is another example of the evolution and adaptability of threats within the Android ecosystem,” the company said.
The new version of the malware has also expanded its reach, moving from Australia and Poland to other regions including the UK and Italy.
Beware hacking messages targeting Apple users
The German consumer protection portal Watchlist Internet warned of the spread of phishing messages attacking Apple iCloud users.
The portal explained that Apple users are currently receiving emails such as: “Your iCloud storage capacity is full. Get 50 GB for free.”
The portal warned against clicking on such messages. Because it was sent by hackers and not from Apple.
Apple identity theft
Clicking on such messages leads users to fake sites that allow hackers to steal Apple ID access data to the iCloud cloud storage service, and also steal credit card data.
If they fall prey to hackers, users should immediately change their Apple ID password and inform the bank to stop the credit card.
What is cloud storage service?
In general, the German Consumer Protection Portal recommended that the user activate the two-factor authentication (2FA) feature to protect Apple's identity, as it prevents hackers from logging into the user's account.
iCloud is a cloud storage service launched by Apple on the Internet on October 12, 2011, and the service became available to 320 million users in July 2013.
iCloud provides a service for saving files of all kinds on giant servers located in China, and the user can access it from anywhere using his own account and using Apple ID. The name of the cloud service comes from its idea based on saving files on external servers and not only on the user’s device.
Saved files can be downloaded on devices running Mac OS and iOS in addition to Windows. The service allows files to be shared with other users. It also enables the user to manage his files if his devices are lost or stolen. The service allows data to be shown on Apple TV via Wireless and secure private connections.
Good
ReplyDeleteGood
ReplyDeleteGood
ReplyDelete