Malware Analysis: Chameleon

Protect Mobile Bank Apps from Chameleon

Chameleon is a new, dangerous trojan. This Android malware can hijack mobile banking apps and steal sensitive information.

Our experts have conducted an in-depth analysis of Chameleon, and this report sheds light on its stealthy methods, invasive functionalities, and how you can guard against it.

What is Chameleon Malware?

  • A newly-discovered banking Trojan with no links to known families but similarities to Xenomorph.
  • Targeting specifically Australia and Poland (for now).
  • Deceptively poses as legitimate apps such as CoinSpot, IKO, Chrome, Bitcoin, or even ChatGPT.

Chameleon’s Sinister Functionalities:

  • Keylogging to steal passwords
  • Overlay attacks to mimic banking apps
  • SMS capture to bypass two-factor authentication.
  • Cookie stealing to impersonate customers’ online sessions.
  • And more!

Download our report to get actionable advice to protect your bank and customers.

Download Now

Sign up for our newsletter

Stay Up-to-Date on Financial Risk Management