Hi Guys,

The Cyble Research & Intelligence Labs (CRIL) team has discovered a new and dangerous strain of Android malware called Chameleon. This new strain of malware attacks smartphone users by mimicking banking, government, and cryptocurrency apps, in an attempt to steal banking login information from its victims. Chameleon disguises itself as a legitimate app for banks, government agencies, and cryptocurrency platforms.

Chameleon has the following functions:

  • Imitating legitimate apps to trick users
  • Stealing personal and financial information
  • Intercepting SMS messages and phone calls
  • Gaining unauthorized access to accounts
  • Conducting fraudulent transactions
  • Bypassing multi-factor authentication
  • Targeting over 180 different apps

How to stay safe from Chameleon Android malware:

  1. Keep Incognito up to date on your device as we are now tracking this malware, and we can remove all instances of it from your device.
  2. Install apps only from trusted sources: Download apps exclusively from the Google Play Store and avoid third-party app stores.
  3. Verify app developer information: Before installing an app, check the developer’s name, reviews, and download count to ensure its legitimacy.
  4. Update your device regularly: Keep your Android operating system and apps up to date with the latest security patches.
  5. Use strong, unique passwords: Create complex and unique passwords for all of your accounts and change them frequently.
  6. Avoid suspicious links and attachments: Do not click on links or open attachments from unknown sources.
  7. Be cautious with public Wi-Fi: Use a Virtual Private Network (VPN) to encrypt your data and protect your device when connecting to public Wi-Fi networks.

If you need assistance or have concerns about online privacy, the Incognito Privacy Care Team is available 24 hours a day via the in-app contact options.

All the best,

Max Roberts

Incognito Privacy Care Team