Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Watch Out for This Scary New Malware: Crocodilus

Mobile malware doesn’t get talked about a lot because it’s relatively uncommon compared to other kinds of malware, but it’s still just as dangerous. Crocodilus, a new Trojan on the Android platform, is one such example. Today, we want to cover how you can address this new variant and avoid contact with it.

Crocodilus was first identified early in 2025, and it’s not just a data thief; it’s a comprehensive remote access Trojan (RAT). It can take over infected devices and steal sensitive financial information, especially banking credentials and cryptocurrency assets.

Luring in Unsuspecting Prey

Crocodilus is a threat used in conjunction with various social engineering tactics to lure in prey and strike. Its reach extends from Turkey and Spain across Europe, South America, the United States, and parts of Asia.

Crocodilus spreads through malicious advertisements on social media platforms like Facebook. These ads might look like legitimate banking or e-commerce applications, and they might even offer special bonuses or time-sensitive offers. Once the user clicks on the ad, though, they are redirected to a malicious website that downloads Crocodilus. It bypasses all the security restrictions that newer Android versions have in place to prevent the sideloading of malicious applications.

How Crocodilus Works

Crocodilus leverages Android’s Accessibility Services—services designed to assist users with disabilities while interacting with the device. It’s a despicable use of well-intentioned tools. Here’s what Crocodilus can do:

  • Overlay attacks - The malware can show fake login screens over legitimate banking and cryptocurrency apps, leading to users willingly giving away login credentials right to attackers.
  • Keylogging - Crocodilus records keystrokes, capturing everything typed: passwords, PINs, and private messages included.
  • Remote device takeover - This malware allows criminals to control the infected device, including navigating through apps, making transactions, and transferring funds.
  • Data theft - Crocodilus can steal information like contact lists, SMS messages, and data from other applications.
  • Cryptocurrency wallet theft - Crocodilus can steal the seed phrases used in cryptocurrency wallets through social engineering prompts like fake security backup alerts, all to get the user to share their recovery keys.
  • Encrypting its own code - Crocodilus is changing as time goes on, and a new variant called Pragma includes native code that encrypts its malicious payload, making it harder to detect and analyze.

Crocodilus is Rapidly Evolving

The hackers behind Crocodilus are continuously making efforts to upgrade and refine the malware, which has led to its rapid evolution in a short period of time. New features are constantly being added to make it more effective and dangerous, including one which allows the malware to add fake contacts to a victim’s contact list. This could make malicious calls look like they’re coming from a legitimate source and establish trust that should absolutely not be granted.

How to Protect Yourself from Crocodilus

There are ways to take the fight to Crocodilus, and they’re not terribly complicated ones. First, make sure you're not installing apps from unofficial sources; download from the Google Play Store and other trusted app storefronts. You should also be wary of any permissions you give to your apps, especially those that are requesting access to Accessibility Services. If an app doesn’t need access to these services to work, but requests it anyway, consider it a red flag. Finally, make sure you update your Android operating system to the latest version, complete with the latest security patches and updates.
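
One way to audit a device for the Accessibility Services red flag described above, as an added example that is not part of the original article: the script takes the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i` and lists apps that hold an enabled accessibility service but were not installed by a trusted store. The sample output, the package names, and the trusted-installer set are constructed assumptions.

```python
import re

# Installers treated as trusted stores (assumption; extend per your own policy).
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play Store

def parse_accessibility(setting_value):
    """Return package names that own an enabled accessibility service."""
    value = setting_value.strip()
    if not value or value == "null":  # the setting reads "null" when unset
        return set()
    # Entries are colon-separated ComponentNames: <package>/<service class>
    return {entry.split("/", 1)[0] for entry in value.split(":") if entry}

def parse_installers(pm_output):
    """Map package name -> installer from `pm list packages -i` output."""
    installers = {}
    for line in pm_output.splitlines():
        match = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if match:
            installers[match.group(1)] = match.group(2)
    return installers

def flag_risky(setting_value, pm_output):
    """List (package, installer) pairs: accessibility enabled, untrusted source."""
    installers = parse_installers(pm_output)
    findings = []
    for pkg in sorted(parse_accessibility(setting_value)):
        installer = installers.get(pkg, "unknown")
        # Preinstalled system apps can also report installer=null; review by hand.
        if installer not in TRUSTED_INSTALLERS:
            findings.append((pkg, installer))
    return findings

# Constructed sample output (not captured from a real device).
SAMPLE_SETTING = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.bonusbank/.HelperService"
)
SAMPLE_PM = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.bonusbank  installer=null
package:com.example.notes  installer=null
"""

if __name__ == "__main__":
    for pkg, installer in flag_risky(SAMPLE_SETTING, SAMPLE_PM):
        print(f"REVIEW: {pkg} has accessibility access (installer={installer})")
```

A sideloaded app with no accessibility service (`com.example.notes` in the sample) is not flagged; the check targets the combination of an untrusted install source and accessibility access.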

Worried about the latest digital threats? Voyage Technology can help. To learn more, call us at 800.618.9844.
