Crocodilus
1,247 views
5 Discussing
Hot
Latest
đ¨ Android Malware âCrocodilusâ Steals Crypto Wallets
New malware "#Crocodilus " targets Android users by mimicking app overlays.
đšTricks users into revealing crypto seed phrases by showing fake backup warnings.
đšOnce access is granted, it captures data, takes control, and drains wallets.
đťTargets users in #Turkey and #Spain but may expand.
đšInitial infection via unverified software bypassing Android 13 security.
-Threat Fabric
New malware "#Crocodilus " targets Android users by mimicking app overlays.
đšTricks users into revealing crypto seed phrases by showing fake backup warnings.
đšOnce access is granted, it captures data, takes control, and drains wallets.
đťTargets users in #Turkey and #Spain but may expand.
đšInitial infection via unverified software bypassing Android 13 security.
-Threat Fabric
See original
Crocodilus âCrocodileâ Attacks Crypto Wallets: Android Users in Turkey and Spain Are at Risk
On March 31, 2025, ThreatFabric â a company specializing in fraud prevention â discovered a new type of malware on Android called âCrocodilus,â which is silently stealing users' cryptocurrency wallets. With sophisticated techniques, from remote control to stealing seed phrases, Crocodilus has targeted users in Turkey and Spain. Will this threat spread and shake the crypto market?
See original
Attention crypto community!
A new virus called Crocodilus is affecting Android mobile phones, especially in Spain and Turkey.
This malware can steal your bank details and empty your crypto wallets if you are not protected.
How to protect yourself?
â Download apps only from official stores
â Enable two-step verification
â Do not share your private keys
â Keep your phone updated
At Binance, your security is our priority.
Share this information and help protect others.
#BinanceSquareTalks #SeguridadCripto #cuidatudinero #Crocodilus #CryptoTips
A new virus called Crocodilus is affecting Android mobile phones, especially in Spain and Turkey.
This malware can steal your bank details and empty your crypto wallets if you are not protected.
How to protect yourself?
â Download apps only from official stores
â Enable two-step verification
â Do not share your private keys
â Keep your phone updated
At Binance, your security is our priority.
Share this information and help protect others.
#BinanceSquareTalks #SeguridadCripto #cuidatudinero #Crocodilus #CryptoTips
đ Crocodilus Dangerous Android Trojan Hunting Cryptocurrency
đ Cybersecurity researchers at Threat Fabric have discovered a new family of mobile malware that can trick Android users into revealing their cryptocurrency wallet seed phrases.
đ According to a report from March 28, the Crocodilus malware uses fake screens on top of legitimate apps and displays a warning about the need to back up your crypto wallet key within a certain period of time.
đŁď¸ âAfter the victim enters the app password, a message appears on the screen: âBack up your wallet key in Settings within 12 hours. Otherwise, the app will be reset and you may lose access to your wallet,ââ Threat Fabric explains.
đ§This social engineering trick directs the user to the seed phrase section, which allows Crocodilus to collect this information via Androidâs accessibility logger. Once the attackers obtain the seed phrase, they gain full control over the wallet and can âempty it completely.â
đ Crocodilus is a new malware that, according to experts, has all the features of modern hacking software, including attacks using screen overlays, advanced data collection through screen capture with sensitive information (such as passwords), and remote access to gain control over the infected device.
âď¸ The initial infection occurs when the malware is unintentionally downloaded as part of other software that bypasses Android 13 protection and other security mechanisms.
đĄď¸Once installed đ Crocodilus requests that the accessibility service be enabled, which allows the hackers to access the device.
âOnce these rights are granted, the malware connects to the command and control (C2) server to receive instructions, including a list of target applications and screen overlays,â Threat Fabric notes.
đ The malware runs continuously, monitoring application launches and displaying overlays to intercept credentials. When the targeted banking or cryptocurrency app is opened, a fake screen is launched on top of it, and the hackers take control of the device.
âWith stolen personal data and credentials, attackers can take full control of the victimâs device using built-in remote access and secretly make fraudulent transactions,â the experts warn.
#Malwareattack #SAFUđ #SecurityAlert #Crocodilus #Alertđ´
đ According to a report from March 28, the Crocodilus malware uses fake screens on top of legitimate apps and displays a warning about the need to back up your crypto wallet key within a certain period of time.
đŁď¸ âAfter the victim enters the app password, a message appears on the screen: âBack up your wallet key in Settings within 12 hours. Otherwise, the app will be reset and you may lose access to your wallet,ââ Threat Fabric explains.
đ§This social engineering trick directs the user to the seed phrase section, which allows Crocodilus to collect this information via Androidâs accessibility logger. Once the attackers obtain the seed phrase, they gain full control over the wallet and can âempty it completely.â
đ Crocodilus is a new malware that, according to experts, has all the features of modern hacking software, including attacks using screen overlays, advanced data collection through screen capture with sensitive information (such as passwords), and remote access to gain control over the infected device.
âď¸ The initial infection occurs when the malware is unintentionally downloaded as part of other software that bypasses Android 13 protection and other security mechanisms.
đĄď¸Once installed đ Crocodilus requests that the accessibility service be enabled, which allows the hackers to access the device.
âOnce these rights are granted, the malware connects to the command and control (C2) server to receive instructions, including a list of target applications and screen overlays,â Threat Fabric notes.
đ The malware runs continuously, monitoring application launches and displaying overlays to intercept credentials. When the targeted banking or cryptocurrency app is opened, a fake screen is launched on top of it, and the hackers take control of the device.
âWith stolen personal data and credentials, attackers can take full control of the victimâs device using built-in remote access and secretly make fraudulent transactions,â the experts warn.
#Malwareattack #SAFUđ #SecurityAlert #Crocodilus #Alertđ´
Login to explore more contents