The fraud prevention firm ThreatFabric says an alarming new banking malware is evolving to more effectively avoid detection and steal personal data.
Security researchers at ThreatFabric say Crocodilus is a new and sophisticated strain of malware that targets mobile banking apps and crypto wallets on Android phones.
“Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remote control, black screen overlays, and advanced data harvesting via accessibility logging.”
ThreatFabric says Crocodilus has been emerging as a major threat since the firm first detected the malware in March.
“Notably, its campaigns are no longer regionally confined; the malware has extended its reach to new geographical areas, underscoring its transition into a truly global threat.”
One alarming evolution detected in Crocodilus is its ability to infiltrate the user’s contact list and add itself to it, bypassing fraud detection programs that flag callers not in a user’s contacts.
“…Crocodilus demonstrates a level of maturity uncommon in newly discovered threats. Already observed targeting banks in Spain and Turkey and popular cryptocurrency wallets, Crocodilus is clearly engineered to go after high-value assets.
The rise of new threats like Crocodilus shows that basic, signature-based detection methods are no longer enough—especially in the early stages when the malware first starts spreading. To stay protected, financial institutions should adopt a layered security approach that includes thorough device and behaviour-based risk analysis on their customers’ devices.”