Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Watch Out for This Scary New Malware: Crocodilus

Mobile malware doesn’t get talked about a lot because it’s relatively uncommon compared to other kinds of malware, but it’s still just as dangerous. Crocodilus, a new Trojan on the Android platform, is one such example. Today, we want to cover how you can address this new variant and avoid contact with it.

Crocodilus was first identified early in 2025, and it’s not just a data thief; it’s a comprehensive remote access Trojan (RAT). It can take over infected devices and steal sensitive financial information, especially banking credentials and cryptocurrency assets.

Luring in Unsuspecting Prey

Crocodilus is used in conjunction with various social engineering tactics to lure in prey and strike. Its reach ranges from Turkey and Spain to wider Europe, South America, the United States, and parts of Asia.

Crocodilus spreads through malicious advertisements on social media platforms like Facebook. These ads might look like legitimate banking or e-commerce applications, and they might even offer special bonuses or time-sensitive offers. Once the user clicks on the ad, though, they are redirected to a malicious website that downloads Crocodilus. It bypasses all the security restrictions in place on newer Android versions, the ones intended to prevent the sideloading of malicious applications.

How Crocodilus Works

Crocodilus leverages Android’s Accessibility Services—services designed to assist users with disabilities while interacting with the device. It’s a despicable use of well-intentioned tools. Here’s what Crocodilus can do:

  • Overlay attacks - The malware can show fake login screens over legitimate banking and cryptocurrency apps, leading users to willingly hand their login credentials directly to attackers.
  • Keylogging - Crocodilus records keystrokes, capturing everything: passwords, PINs, and private messages included.
  • Remote device takeover - This malware allows criminals to control the infected device, including navigating through apps, making transactions, and transferring funds.
  • Data theft - Crocodilus can steal information like contact lists, SMS messages, and data from other applications.
  • Cryptocurrency wallet theft - Crocodilus can steal the seed phrases used in cryptocurrency wallets through social engineering prompts like fake security backup alerts, all to get the user to share their recovery keys.
  • Encrypting its own code - Crocodilus is changing as time goes on, and a new variant called Pragma includes native code that encrypts its malicious payload, making it harder to detect and analyze.

Crocodilus is Rapidly Evolving

The hackers behind Crocodilus are continuously upgrading and refining the malware, which has led to its rapid evolution in a short period of time. New features are constantly being added to make it more effective and dangerous, including one that allows the malware to add fake contacts to a victim’s contact list. This could make malicious calls look like they’re coming from a legitimate source and establish trust that should absolutely not be granted.

How to Protect Yourself from Crocodilus

There are ways to take the fight to Crocodilus, and they’re not terribly complicated ones. First, make sure you’re not installing apps from unofficial sources; download from the Google Play Store and other trusted app storefronts. You should also be wary of any permissions you give to your apps, especially those that are requesting access to Accessibility Services. If the app doesn’t need access to those services to work, but requests them anyway, consider it a red flag. Finally, make sure you update your Android operating system to the latest version, complete with the latest security patches and updates.
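For anyone managing Android devices, the two checks above (where an app came from and whether it holds Accessibility access) can be combined into one audit. The following is an added example, not part of the original article: it parses the text output of the standard commands `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i`. The package names in the sample data and the trusted-installer list are assumptions made for illustration.

```python
# Added example: list apps that hold Accessibility access but were not
# installed from a trusted store. Inputs are the text output of:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i
import re

# Assumption: installers treated as official stores; adjust for your devices.
TRUSTED_INSTALLERS = {"com.android.vending"}

# Constructed sample output (package names are made up for illustration).
SAMPLE_A11Y = (
    "com.google.android.marvin.talkback/.TalkBackService:"
    "com.example.bonusbank/com.example.bonusbank.HelperService"
)
SAMPLE_PACKAGES = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.bonusbank  installer=com.google.android.packageinstaller
package:com.example.notes  installer=null
"""

def parse_accessibility(setting: str) -> set[str]:
    """Return package names from the colon-separated 'pkg/service' list."""
    setting = setting.strip()
    if not setting or setting == "null":
        return set()
    return {c.split("/", 1)[0] for c in setting.split(":") if c}

def parse_installers(listing: str) -> dict[str, str]:
    """Map package name -> installer from 'pm list packages -i' lines."""
    out = {}
    for line in listing.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            out[m.group(1)] = m.group(2)
    return out

def flag_risky(setting: str, listing: str) -> list[tuple[str, str]]:
    """Apps with Accessibility enabled that did not come from a trusted store."""
    installers = parse_installers(listing)
    risky = []
    for pkg in sorted(parse_accessibility(setting)):
        src = installers.get(pkg, "unknown")
        if src not in TRUSTED_INSTALLERS:
            risky.append((pkg, src))
    return risky

if __name__ == "__main__":
    for pkg, src in flag_risky(SAMPLE_A11Y, SAMPLE_PACKAGES):
        print(f"REVIEW {pkg}: Accessibility enabled, installer={src}")
```

Preinstalled system apps often report `installer=null`, so compare any flagged package against `adb shell pm list packages -s` before treating it as sideloaded.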

Worried about the latest digital threats? Voyage Technology can help. To learn more, call us at 800.618.9844.
