March 30, 2025 By Bill Toulas
A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access.
Although Crocodilus is a new banking malware, it features fully developed capabilities to take control of the device, harvest data, and remote control.
Researchers at fraud prevention company ThreatFabric say that the malware is distributed via a proprietary dropper that bypasses Android 13 (and later) security protections.
The dropper installs the malware without triggering Play Protect while also bypassing Accessibility Service restrictions.
What makes Crocodilus special is that it integrates social engineering to make victims provide access to their crypto-wallet seed phrase.
