Trojan is aimed at certain banking applications and popular cryptocurrencies. The malicious program displays a warning about the need to create a reserve copy of the cryptocurular key, explained in Threat Fabric:
“After the victim enters the password from the application, the message appears on the screen:“ Create a backup copy of your wallet key in the settings for 12 hours. Otherwise, the application will be dropped and you can lose access to your wallet. ”
The initial infection occurs with unintentional loading of the malicious Trojan as part of another software that costs the protection of the Android 13 operating system and other security mechanisms, analysts noted.
Crocodilus can show a black screen and turn off the sounds of the operation of other applications to make hackers on the device invisible to the user.
Crocodilus is noticed in attacks on the banks of Spain and Turkey, as well as cryptocurrency wallets, specially created for hunting for expensive assets. The developers of Troyan can speak Turkish. This is what the notes in the code. For malicious software, there can be a fraudster named Sybra, they told Threat Fabric:
“The emergence of a mobile banking trojan Crocodilus indicates a significant complication of modern malware and an increase in the level of the threat created by him for the owners of cryptocurrencies.”
Earlier, the Russian Ministry of Internal Affairs reported that attackers can use the vulnerabilities of the network devices of the Internet of Things (IOT) of the Smart House for hidden cryptocurrency mining and cyber attacks, including DDOS attacks.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
