A new Android Trojan named Xamalicious has been discovered masquerading as legitimate apps on the Google Play Store, affecting hundreds of thousands of users. The malware exploits accessibility features to take control of devices and steal personal information. Google has since removed the infected apps, but they may still be available on third-party markets. Users are advised to stick to official app stores, avoid sideloading, use antivirus software, and take immediate action if their data is compromised, including changing passwords, monitoring accounts, using identity theft protection services, contacting banks, alerting contacts, and potentially restoring devices to factory settings.
Android users are being warned about the Chameleon banking trojan, a sophisticated malware that can bypass biometric security measures and steal PINs and banking information. The malware disguises itself as legitimate apps and can even circumvent Android 13's restricted setting feature. To protect against this threat, users should only download apps from official stores, keep their Android system updated, install reliable antivirus software, and avoid sideloading apps. If compromised, it's advised to change passwords using another device, use identity theft protection services, contact banks, alert contacts, and consider restoring the device to factory settings.
Android users are being warned about the Chameleon Android banking trojan, a sophisticated malware that can bypass biometric security measures like fingerprint and face unlock, steal PINs, and gain access to banking apps and sensitive data. The malware tricks users into granting it permissions by mimicking legitimate apps and can even bypass Android 13's restricted setting feature. To protect against this threat, users are advised to only download apps from legitimate stores, keep their Android system updated, install reliable antivirus software, and take immediate action to change passwords and monitor accounts if data is compromised.
McAfee security experts have discovered 25 Android apps infected with Xamalicious malware, which can take control of devices to install unwanted software and click ads for hacker revenue. The malware exploits Android's accessibility features and was found in apps on the Google Play Store, with some having over 100,000 downloads. Users are advised to manually delete these apps, as Google's Play Protect system may not catch all threats. The apps were built using the Xamarin framework, which may have helped them avoid early detection.
