Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Watch Out for This Scary New Malware: Crocodilus

Mobile malware doesn’t get talked about a lot because it’s relatively uncommon compared to other types of malware, but it’s just as dangerous. Crocodilus, a new Trojan on the Android platform, is one such example. Today, we want to cover how you can address this new variant and avoid contact with it.

Crocodilus was first identified early in 2025, and it’s not just a data thief; it’s a comprehensive remote access Trojan (RAT). It can take over infected devices and steal sensitive financial information, especially banking credentials and cryptocurrency assets.

Luring in Unsuspecting Prey

Crocodilus is delivered using various social engineering tactics that lure victims in before it strikes. Its reach extends from Turkey and Spain across Europe, South America, the United States, and parts of Asia.

Crocodilus spreads through malicious advertisements on social media platforms like Facebook. These ads might look like they promote legitimate banking or e-commerce applications, and they might even offer special bonuses or time-sensitive offers. Once the user clicks on the ad, though, they are redirected to a malicious website that downloads Crocodilus. It bypasses the security restrictions in place on newer Android versions, the ones intended to prevent the sideloading of malicious applications.

How Crocodilus Works

Crocodilus leverages Android’s Accessibility Services—services designed to assist users with disabilities while interacting with the device. It’s a despicable use of well-intentioned tools. Here’s what Crocodilus can do:

  • Overlay attacks - The malware can show fake login screens over legitimate banking and cryptocurrency apps, leading to users willingly giving away login credentials right to attackers.
  • Keylogging - Crocodilus records every keystroke, with passwords, PINs, and private messages included.
  • Remote device takeover - This malware allows criminals to control the infected device, including navigating through apps, making transactions, and transferring funds.
  • Data theft - Crocodilus can steal information like contact lists, SMS messages, and data from other applications.
  • Cryptocurrency wallet theft - Crocodilus can steal the seed phrases used in cryptocurrency wallets through social engineering prompts like fake security backup alerts, all to get the user to share their recovery keys.
  • Encrypting its own code - Crocodilus is changing as time goes on, and a new variant called Pragma includes native code that encrypts its malicious payload, making it harder to detect and analyze.

Crocodilus is Rapidly Evolving

The hackers behind Crocodilus are continuously making efforts to upgrade and refine the malware, which has led to its rapid evolution in a short period of time. New features are constantly being added to make it more effective and dangerous, including one which allows the malware to add fake contacts to a victim’s contact list. This could make malicious calls look like they’re coming from a legitimate source and establish trust that should absolutely not be granted.

How to Protect Yourself from Crocodilus

There are ways to take the fight to Crocodilus, and they’re not terribly complicated ones. First, make sure you're not installing apps from unofficial sources; download from the Google Play Store and other trusted app storefronts. You should also be wary of any permissions you give to your apps, especially those that are requesting access to Accessibility Services. If the app doesn’t need access to these services to work, but requests them anyway, consider it a red flag. Finally, make sure you update your Android operating system to the latest version, complete with the latest security patches and updates.
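The Accessibility Services check described above can be scripted for devices you manage. The following is an added example, not part of the original article: it cross-references the apps that currently hold an enabled accessibility service against where each app was installed from, using the text output of two standard `adb` commands. The sample outputs are constructed for illustration, and the trusted-installer list is an assumption to adjust for your environment.

```python
import re

# Constructed sample output (not from a real device) of:
#   adb shell settings get secure enabled_accessibility_services
SAMPLE_ENABLED = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.bonus.rewards/.core.HelperService"
)

# Constructed sample output of: adb shell pm list packages -i
SAMPLE_INSTALLERS = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.bonus.rewards  installer=null
package:com.example.notes  installer=com.android.vending
"""

# Assumption: installers this organisation trusts (Google Play only here).
TRUSTED_INSTALLERS = {"com.android.vending"}

def enabled_service_packages(setting_value):
    """Return package names from the colon-separated component list."""
    value = setting_value.strip()
    if not value or value == "null":
        return []  # no accessibility service is enabled
    return [c.split("/", 1)[0] for c in value.split(":") if c]

def installer_map(pm_output):
    """Map package name -> installer from `pm list packages -i` lines."""
    pairs = re.findall(r"^package:(\S+)\s+installer=(\S+)", pm_output, re.M)
    return dict(pairs)

def flag_sideloaded_accessibility(setting_value, pm_output):
    """Packages holding an accessibility service but not from a trusted store."""
    installers = installer_map(pm_output)
    flagged = []
    for pkg in enabled_service_packages(setting_value):
        source = installers.get(pkg, "unknown")
        if source not in TRUSTED_INSTALLERS:
            flagged.append((pkg, source))
    return flagged

if __name__ == "__main__":
    hits = flag_sideloaded_accessibility(SAMPLE_ENABLED, SAMPLE_INSTALLERS)
    for pkg, source in hits:
        print(f"REVIEW: {pkg} has an accessibility service (installer={source})")
```

Preinstalled system accessibility services can also report `installer=null`, so treat the output as a list of apps to review rather than a verdict.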

Worried about the latest digital threats? Voyage Technology can help. To learn more, call us at 800.618.9844.
