This Android malware turns off fingerprint unlock to steal your pin

A new version of Chameleon Android malware can trick users into enabling accessibility services, allowing attackers to switch the phone from biometric to PIN lock. Posing as legitimate Android apps, the malware then requests users to turn on accessibility settings, subsequently enabling attackers to bypass fingerprint protection and steal PINs or passwords. Cybersecurity researchers advise the public to verify the legitimacy of especially banking apps before use.