all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PIN-Stealing Android Malware

Add to bookmarks
Jan. 9, 2024, 12:03 p.m. | Bruce Schneier

Schneier on Security www.schneier.com

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN:


The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password authentication.


The malware captures any PINs and passwords the victim enters to unlock their device and can later use them to unlock the device at …

accessibility android android banking trojan android malware authentication banking banking trojan biometric biometrics chameleon device feature fingerprint malware old operations order password password authentication piece pin service steal stealing trojan unlock

Visit resource

More from www.schneier.com / Schneier on Security

Whale Song Code 20 hours ago | www.schneier.com
basic broadcast code cold +18
Friday Squid Blogging: Searching for the Colossal Squid 3 days, 10 hours ago | www.schneier.com
blog blogging can cruise +7
Long Article on GM Spying on Its Cars’ Drivers 3 days, 21 hours ago | www.schneier.com
article cars companies data +10
The Rise of Large-Language-Model Optimization 4 days, 21 hours ago | www.schneier.com
artificial intelligence coming easy end +12
Dan Solove on Privacy Regulation 5 days, 21 hours ago | www.schneier.com
academic papers article consent dan +6
Microsoft and Security Incentives 6 days, 20 hours ago | www.schneier.com
capabilities companies cyber cybersecurity +16
Using Legitimate GitHub URLs for Malware 1 week ago | www.schneier.com
attack attacker attack vector can +25
Friday Squid Blogging: Squid Trackers 1 week, 3 days ago | www.schneier.com
article blog blogging can +13
Other Attempts to Take Over Open Source Projects 1 week, 4 days ago | www.schneier.com
action backdoors council discovery +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)

@ Swiss Re | Madrid, M, ES
View on infosec-jobs.com

Alternant - Consultant HSE (F-H-X)

@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
View on infosec-jobs.com

Senior Risk/Cyber Security Analyst

@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
View on infosec-jobs.com

Offensive Security Engineer (University Grad)

@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
View on infosec-jobs.com

Senior IAM Security Engineer

@ Norfolk Southern | Atlanta, GA, US, 30308
View on infosec-jobs.com
View more jobs