You are here: Blog Tags Cyber security

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

Watch Out for This Scary New Malware: Crocodilus

Voyage Technology Blog Security
Watch Out for This Scary New Malware: Crocodilus

Mobile malware doesn’t get talked about a lot, and that’s because it’s relatively uncommon compared to others, but it’s still just as dangerous. Crocodilus, a new Trojan on the Android platform, is one such example. Today, we want to cover how you can address this new variant and avoid contact with it.

Crocodilus was first identified early in 2025, and it’s not just a data thief; it’s a comprehensive remote access Trojan (RAT). It can take over infected devices and steal sensitive financial information, especially banking credentials and cryptocurrency assets.

Luring in Unsuspecting Prey

Crocodilus is a threat used in conjunction with various social engineering tactics to lure in prey and strike. Its influence ranges from Turkey and Spain, all the way to Europe, South America, the United States, and parts of Asia.

Crocodilus spreads by malicious advertisements on social media platforms like Facebook. These ads might look like legitimate banking or e-commerce applications, and they might even offer special bonuses or time-sensitive offers. Once the user clicks on the ad, though, they are redirected to a malicious website that downloads Crocodilus. It bypasses all the security restrictions in place on newer Android versions—the ones intended to prevent the sideloading of malicious applications.

How Crocodilus Works

Crocodilus leverages Android’s Accessibility Services—services designed to assist users with disabilities while interacting with the device. It’s a despicable use of well-intentioned tools. Here’s what Crocodilus can do:

  • Overlay attacks - The malware can show fake login screens over legitimate banking and cryptocurrency apps, leading to users willingly giving away login credentials right to attackers.
  • Keylogging - Crocodilus records keystrokes and records everything… passwords, PINs, and private messages included.
  • Remote device takeover - This malware allows criminals to control the infected device, including navigating through apps, making transactions, and transferring funds.
  • Data theft - Crocodilus can steal information like contact lists, SMS messages, and data from other applications.
  • Cryptocurrency wallet theft - Crocodilus can steal the seed phrases used in cryptocurrency wallets through social engineering prompts like fake security backup alerts, all to get the user to share their recovery keys.
  • Encrypting its own code - Crocodilus is changing as time goes on, and a new variant called Pragma includes native code that encrypts its malicious payload, making it harder to detect and analyze.

Crocodilus is Rapidly Evolving

The hackers behind Crocodilus are continuously making efforts to upgrade and refine the malware, which has led to its rapid evolution in a short period of time. New features are constantly being added to make it more effective and dangerous, including one which allows the malware to add fake contacts to a victim’s contact list. This could make malicious calls look like they’re coming from a legitimate source and establish trust that should absolutely not be granted.

How to Protect Yourself from Crocodilus

There are ways to take the fight to Crocodilus, and they’re not terribly complicated ones. First, make sure you're not installing apps from unofficial sources; download from the Google Play Store and other trusted app storefronts. You should also be wary of any permissions you give to your apps, especially those that are requesting access to Accessibility Services. If the app doesn’t need access to services to work, but requests them anyway, consider it a red flag. Finally, make sure you update your Android operating system to the latest version, complete with the latest security patches and updates.

Worried about the latest digital threats? Voyage Technology can help. To learn more, call us at 800.618.9844.

Tweet
Tags:
Android Malware Security

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Hardware Efficiency Network Security User Tips Internet Malware IT Support Privacy Google Workplace Tips Computer Phishing Email IT Services Collaboration Hosted Solutions Users Workplace Strategy Ransomware Mobile Device Microsoft Small Business Productivity Backup Passwords Quick Tips Cybersecurity Saving Money Communication Managed Service Data Backup Smartphone Android Upgrade Business Management Data Recovery VoIP Smartphones AI Disaster Recovery Mobile Devices communications Windows Social Media Browser Microsoft Office Managed IT Services Current Events Network Tech Term Internet of Things Remote Miscellaneous Information Automation Artificial Intelligence Facebook Gadgets Cloud Computing Covid-19 Holiday Training Remote Work Server Managed Service Provider Outsourced IT Compliance Spam Encryption Employee/Employer Relationship IT Support Office Windows 10 Government Data Management Business Continuity Virtualization Blockchain Wi-Fi Business Technology Windows 10 Bandwidth Apps Data Security Vendor Mobile Office Two-factor Authentication Apple Networking Employer-Employee Relationship App BYOD Mobile Device Management Tip of the week Gmail Chrome Managed Services Voice over Internet Protocol Budget How To BDR HIPAA Hacker Computing Applications Avoiding Downtime Information Technology Marketing Access Control Office 365 Conferencing WiFi Bring Your Own Device Big Data Managed IT Services Computers Operating System Router Virtual Private Network Risk Management Website Health 2FA Help Desk Analytics Office Tips Augmented Reality Retail Storage Password Healthcare Scam Data loss Social Cooperation Free Resource Project Management Windows 7 Going Green Patch Management Save Money Microsoft 365 Remote Monitoring Customer Service Vulnerability End of Support Vendor Management Solutions Cybercrime Physical Security Display Printer Windows 11 Paperless Office Infrastructure Monitoring Firewall Excel Document Management Remote Workers The Internet of Things Telephone iPhone Mouse Licensing Vulnerabilities Entertainment Administration Data Privacy Images 101 Customer Relationship Management Telephone System Multi-Factor Authentication Robot Mobility Cost Management Settings Hacking Printing Wireless Content Filtering Presentation IT Management VPN Employees YouTube Meetings Integration Wireless Technology Cryptocurrency User Tip Modem Computer Repair Mobile Security Processor Virtual Desktop Holidays LiFi Word Data storage Data Storage Smart Technology Supply Chain Video Conferencing Outlook Machine Learning Managed Services Provider Professional Services Money Saving Time Virtual Machines Humor Safety Managed IT Service Maintenance Antivirus Sports Downloads Social Engineering Break Fix Scams Browsers Smartwatch Education Connectivity IT Upload Procurement Remote Computing Azure Hybrid Work Mobile Computing Social Network Telework Cyber security Multi-Factor Security Tech Human Resources Application Search Dark Web Cables CES Tablet IoT Communitications Best Practice Trends Supply Chain Management Alert IBM Managed IT Customer Resource management FinTech Buisness File Sharing Regulations Dark Data Google Calendar Term Google Apps How To Microsoft Excel IT Maintenance Legal Data Analysis IT solutions Star Wars IT Assessment Business Growth Gamification Flexibility Notifications Staff Value Business Intelligence Organization Travel Social Networking Legislation Shortcuts Cortana Ransmoware Competition Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Alt Codes Content Remote Working Wearable Technology Memory Vendors Health IT Downtime Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Permissions Workforce Unified Threat Management Directions Videos Hosted Solution Assessment Electronic Health Records Typing Wasting Time Threats User Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies Internet Exlporer Software as a Service Knowledge Fraud Meta Google Drive User Error Microchip Username Managing Costs Amazon IP Address 5G Black Friday SSID Point of Sale eCommerce Unified Communications Database Surveillance Experience Virtual Assistant Outsource IT Google Docs Bitcoin Network Management Running Cable Tech Support IT Technicians Virtual Machine Environment Media Recovery Monitors Cyber Monday Medical IT Hard Drives Google Wallet Proxy Server Reviews Cookies Tactics Development Hotspot Transportation Small Businesses Domains Windows 8 Laptop Websites Mirgation Hypervisor Displays PowerPoint Refrigeration Drones Shopping Nanotechnology Optimization Addiction Electronic Medical Records Language Employer/Employee Relationships Outsourcing Public Speaking SharePoint Management PCI DSS Halloween Chatbots Lithium-ion battery Navigation Writing Distributed Denial of Service Workplace Entrepreneur Lenovo Gig Economy Screen Reader Service Level Agreement Internet Service Provider Virtual Reality Computing Infrastructure Teamwork Hiring/Firing Hacks Server Management Regulations Compliance Scary Stories Private Cloud Identity Evernote Paperless Fun Co-managed IT Undo Superfish Bookmark Identity Theft Smart Tech Memes Deep Learning Download Net Neutrality Twitter Alerts SQL Server Technology Care Financial Data Error History Business Communications

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015