According to BlockBeats, SlowMist has issued a security alert regarding the Android banking Trojan Crocodilus, which attacks global cryptocurrency users and banking applications after an upgrade. The main threats include spreading through fake browser updates in Facebook ads, using overlay attacks to steal login credentials, extracting crypto wallet recovery phrases and private keys, and injecting fake bank support numbers into contact lists. The malware-as-a-service is available for rent, with each attack costing between $100 and $300. Users are advised to avoid unknown app updates and ad links.