Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Watch Out for This Scary New Malware: Crocodilus

Mobile malware doesn’t get talked about a lot because it’s relatively uncommon compared to other kinds of malware, but it’s just as dangerous. Crocodilus, a new Trojan on the Android platform, is one such example. Today, we want to cover how you can address this new variant and avoid contact with it.

Crocodilus was first identified early in 2025, and it’s not just a data thief; it’s a comprehensive remote access Trojan (RAT). It can take over infected devices and steal sensitive financial information, especially banking credentials and cryptocurrency assets.

Luring in Unsuspecting Prey

Crocodilus is a threat used in conjunction with various social engineering tactics to lure in prey and strike. Its influence ranges from Turkey and Spain, all the way to Europe, South America, the United States, and parts of Asia.

Crocodilus spreads through malicious advertisements on social media platforms like Facebook. These ads might look like legitimate banking or e-commerce applications, and they might even offer special bonuses or time-sensitive offers. Once the user clicks on the ad, though, they are redirected to a malicious website that downloads Crocodilus. It bypasses the security restrictions on newer Android versions that are intended to prevent the sideloading of malicious applications.

How Crocodilus Works

Crocodilus leverages Android’s Accessibility Services—services designed to assist users with disabilities while interacting with the device. It’s a despicable use of well-intentioned tools. Here’s what Crocodilus can do:

  • Overlay attacks - The malware can show fake login screens over legitimate banking and cryptocurrency apps, leading users to willingly hand their login credentials directly to attackers.
  • Keylogging - Crocodilus records every keystroke, with passwords, PINs, and private messages included.
  • Remote device takeover - This malware allows criminals to control the infected device, including navigating through apps, making transactions, and transferring funds.
  • Data theft - Crocodilus can steal information like contact lists, SMS messages, and data from other applications.
  • Cryptocurrency wallet theft - Crocodilus can steal the seed phrases used in cryptocurrency wallets through social engineering prompts like fake security backup alerts, all to get the user to share their recovery keys.
  • Encrypting its own code - Crocodilus is changing as time goes on, and a new variant called Pragma includes native code that encrypts its malicious payload, making it harder to detect and analyze.

Crocodilus is Rapidly Evolving

The hackers behind Crocodilus are continuously making efforts to upgrade and refine the malware, which has led to its rapid evolution in a short period of time. New features are constantly being added to make it more effective and dangerous, including one which allows the malware to add fake contacts to a victim’s contact list. This could make malicious calls look like they’re coming from a legitimate source and establish trust that should absolutely not be granted.

How to Protect Yourself from Crocodilus

There are ways to take the fight to Crocodilus, and they’re not terribly complicated ones. First, make sure you're not installing apps from unofficial sources; download from the Google Play Store and other trusted app storefronts. You should also be wary of any permissions you give to your apps, especially those that are requesting access to Accessibility Services. If the app doesn’t need access to services to work, but requests them anyway, consider it a red flag. Finally, make sure you update your Android operating system to the latest version, complete with the latest security patches and updates.

Worried about the latest digital threats? Voyage Technology can help. To learn more, call us at 800.618.9844.
