PIN-Stealing Android Malware

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN:

The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password authentication.

The malware captures any PINs and passwords the victim enters to unlock their device and can later use them to unlock the device at …

accessibility android android banking trojan android malware authentication banking banking trojan biometric biometrics chameleon device feature fingerprint malware old operations order password password authentication piece pin service steal stealing trojan unlock