Last March, the company Threatfabric specializing in cybersecurity sounded the alarm concerning a new malware: Crocodilus. In practice, it targets Android users via verolled applications. Once on your phone, it will target cryptos and banking applications, in order to steal your funds. Unfortunately, it would seem that it continues to spread and wreak havoc.
- The Threatfabric company revealed the disturbing expansion of crocodilus malware, which targets Android users to steal cryptos and banking funds.
- Crocodilus has extended its scope beyond Europe, now reaching South America, while perfecting itself to become more difficult to detect.
Crocodilus spreads around the world
It has been almost 4 months since the crocodilus malware has been identified. Initially, it mainly targeted Spain and Turkey. However, recent discoveries tend to believe that This one is expanding.
Indeed, on June 3, the teams of Threatfabrics have revealed that Crocodilus was operating a wide expansion campaign.
Thus, Crocodilus would now target many European countries and would have passed across the Atlantic to reach South America.
“The first samples of Crocodilus revealed operations in Europe, although the first campaigns mainly targeted Turkey. Recent activities reveal multiple campaigns now targeting European countries, while pursuing the Turkish campaigns and extending globally to South America. »»
For this, hackers have turned to a most powerful tool: social networks.
Thus, Threatfabric discovered Pubs led on Facebook in Poland. The latter highlight banking or e-commerce applications. Unsurprisingly, the applications put forward are verolled and are only a facade to infect new devices. Other similar advertising campaigns have been identified in Spain and Turkey.
Full crocodilus
In parallel with this expansion, hackers have also Bring improvements to malware himself. The main objective of these improvements is to make Crocodilus more difficult to detect via different obscure methods.
In addition, researchers also observed an evolution in the operating mode. Thus, Crocodilus will now alter the contact list Users and add specific contacts to the victim’s device.
« We believe that the intention is to add a telephone number under a convincing name such as » Bank Support « , which allows the attacker to call the victim while seeing legitimate. »»
Prudence is a mother of security
Faced with the threat of crocodilus, it is essential to adopt a proactive approach To protect your cryptocurrencies on Android.
To protect yourself, it is advisable toAvoid downloading applications outside the Google Play Store. Despite this, it is important to check the authenticity of applications, even on official platforms.
Also beware of messages or pop-ups Insating you to quickly save your recovery sentence: a reliable wallet will never ask you for this kind of action in a pressing way. Especially if you have already done so during the installation.
Monitor the signs of infection, such as overconsumption of battery, a sudden increase in the use of data or requests for unusual permission, in particular access to accessibility services.
Obviously, it is strongly not recommended to use a mobile wallet as a main wallet. It is rather advisable to favor a Wallet hardwarewhich remains out of reach of this type of malware.
Crypto flight remains a widely used activity. According to the Chainalysis report, more than $ 2.2 billion was stolen by hackers in 2024. Therefore, the security of your funds must be at the heart of your concerns.