Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Watch Out for This Scary New Malware: Crocodilus

Mobile malware doesn’t get talked about a lot because it’s relatively uncommon compared to other kinds of malware, but it’s still just as dangerous. Crocodilus, a new Trojan on the Android platform, is one such example. Today, we want to cover how you can address this new variant and avoid contact with it.

Crocodilus was first identified early in 2025, and it’s not just a data thief; it’s a comprehensive remote access Trojan (RAT). It can take over infected devices and steal sensitive financial information, especially banking credentials and cryptocurrency assets.

Luring in Unsuspecting Prey

Crocodilus is a threat used in conjunction with various social engineering tactics to lure in prey and strike. Its reach extends from Turkey and Spain to Europe more broadly, South America, the United States, and parts of Asia.

Crocodilus spreads through malicious advertisements on social media platforms like Facebook. These ads might look like legitimate banking or e-commerce applications, and they might even offer special bonuses or time-sensitive offers. Once the user clicks on the ad, though, they are redirected to a malicious website that downloads Crocodilus. It bypasses all the security restrictions in place on newer Android versions that are intended to prevent the sideloading of malicious applications.

How Crocodilus Works

Crocodilus leverages Android’s Accessibility Services—services designed to assist users with disabilities while interacting with the device. It’s a despicable use of well-intentioned tools. Here’s what Crocodilus can do:

  • Overlay attacks - The malware can show fake login screens over legitimate banking and cryptocurrency apps, leading to users willingly giving away login credentials right to attackers.
  • Keylogging - Crocodilus records keystrokes, capturing everything: passwords, PINs, and private messages included.
  • Remote device takeover - This malware allows criminals to control the infected device, including navigating through apps, making transactions, and transferring funds.
  • Data theft - Crocodilus can steal information like contact lists, SMS messages, and data from other applications.
  • Cryptocurrency wallet theft - Crocodilus can steal the seed phrases used in cryptocurrency wallets through social engineering prompts like fake security backup alerts, all to get the user to share their recovery keys.
  • Encrypting its own code - Crocodilus is changing as time goes on, and a new variant called Pragma includes native code that encrypts its malicious payload, making it harder to detect and analyze.

Crocodilus is Rapidly Evolving

The hackers behind Crocodilus are continuously making efforts to upgrade and refine the malware, which has led to its rapid evolution in a short period of time. New features are constantly being added to make it more effective and dangerous, including one which allows the malware to add fake contacts to a victim’s contact list. This could make malicious calls look like they’re coming from a legitimate source and establish trust that should absolutely not be granted.

How to Protect Yourself from Crocodilus

There are ways to take the fight to Crocodilus, and they’re not terribly complicated ones. First, make sure you're not installing apps from unofficial sources; download from the Google Play Store and other trusted app storefronts. You should also be wary of any permissions you give to your apps, especially those that are requesting access to Accessibility Services. If the app doesn’t need access to these services to work, but requests them anyway, consider it a red flag. Finally, make sure you update your Android operating system to the latest version, complete with the latest security patches and updates.
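For anyone managing a fleet of Android devices, the two checks above (where an app came from, and whether it holds Accessibility access) can be combined into one audit. The following is an added example, not part of the original article: it parses the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i -3`, and lists accessibility services owned by user-installed apps that did not come from a trusted store. The trusted-installer set, function names, and sample data are assumptions made for illustration.

```python
import re

# Assumption: only Google Play counts as a trusted storefront here.
TRUSTED_INSTALLERS = frozenset({"com.android.vending"})
_PKG_LINE = re.compile(r"^package:(\S+)\s+installer=(\S+)$")

def parse_enabled_services(raw):
    """Parse `settings get secure enabled_accessibility_services`:
    colon-separated `package/ServiceClass` entries, or `null` if none."""
    raw = raw.strip()
    if not raw or raw == "null":
        return []
    return [tuple(c.split("/", 1)) for c in raw.split(":") if "/" in c]

def parse_installers(raw):
    """Parse `pm list packages -i -3` into {package: installer or None}."""
    installers = {}
    for line in raw.splitlines():
        m = _PKG_LINE.match(line.strip())
        if m:
            installers[m.group(1)] = None if m.group(2) == "null" else m.group(2)
    return installers

def audit(services_raw, packages_raw, trusted=TRUSTED_INSTALLERS):
    """List (package, service, installer) for enabled accessibility services
    owned by user-installed apps that did not come from a trusted store."""
    installers = parse_installers(packages_raw)
    findings = []
    for package, service in parse_enabled_services(services_raw):
        if package not in installers:
            continue  # absent from the -3 (third-party) list: preinstalled app
        if installers[package] not in trusted:
            findings.append((package, service, installers[package]))
    return findings

# Constructed sample output, not captured from a real device.
SAMPLE_SERVICES = (
    "com.example.vendor.reader/.ReaderService:"
    "com.example.passwords/com.example.passwords.FillService:"
    "com.example.bonusapp/com.example.bonusapp.HelperService"
)
SAMPLE_PACKAGES = """\
package:com.example.passwords  installer=com.android.vending
package:com.example.bonusapp  installer=null
package:com.example.game  installer=com.android.vending
"""

if __name__ == "__main__":
    for pkg, svc, inst in audit(SAMPLE_SERVICES, SAMPLE_PACKAGES):
        print(f"REVIEW {pkg} ({svc}); installer: {inst or 'none recorded'}")
```

A finding is a prompt for review, not proof of infection: some legitimate apps are sideloaded and use Accessibility Services for valid reasons.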

Worried about the latest digital threats? Voyage Technology can help. To learn more, call us at 800.618.9844.
