the new malware that drains crypto wallets
The post the new malware that drains crypto wallets appeared on BitcoinEthereumNews.com.
A new malware called Crocodilus targets Android devices with the aim of stealing private keys, sensitive credentials, and two-factor authentication (2FA) codes from cryptocurrency wallets. Initially discovered in Spain and Turkey, Crocodilus uses highly sophisticated techniques of social engineering, remote control, and overlay phishing to take full control of the victim’s device. The threat is considered rapidly evolving, with the potential for global spread. Let’s examine in detail the technical characteristics of Crocodilus, its operation, and the countermeasures to adopt.

What is the Crocodilus malware

Crocodilus belongs to the category of Android banking trojans and has been identified by the ThreatFabric team as a modular and advanced mobile threat. Despite being a relatively recent variant, it already exhibits typical characteristics of new-generation mobile malware:

- Overlay attacks
- Keyboard logging
- Remote access and device control
- Tricks for evading advanced Android defenses

The malware behaves like a classic Device Takeover Trojan, requiring the activation of the accessibility service at the time of installation, which provides it with full access to the screen, the virtual keyboard, and the ability to simulate touches or input.

Attack techniques employed

The operational methods of Crocodilus are based on a lethal combination of social engineering and abuse of the permissions it requires to operate.
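
Because the takeover described above depends on an enabled accessibility service, a defender can audit which packages hold one and where they were installed from. The following is an added example, not part of the original article: it parses the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i`, and the package names, allowlists and sample output are constructed assumptions.

```python
import re

# Assumption: installers treated as trusted stores; adjust to fleet policy.
TRUSTED_INSTALLERS = {"com.android.vending"}
# Assumption: accessibility services the organisation expects to see.
ALLOWED_PACKAGES = {"com.google.android.marvin.talkback"}

def parse_accessibility(setting):
    """Split the colon-separated component list into (package, class) pairs."""
    services = []
    for comp in setting.strip().split(":"):
        if not comp or comp == "null":      # setting is empty or unset
            continue
        pkg, _, cls = comp.partition("/")
        if cls.startswith("."):             # ".Foo" is shorthand for "<pkg>.Foo"
            cls = pkg + cls
        services.append((pkg, cls))
    return services

def parse_installers(pm_output):
    """Map package -> installer (None when pm reports installer=null)."""
    pattern = r"^package:(\S+)[ \t]+installer=(\S+)[ \t]*$"
    return {m.group(1): (None if m.group(2) == "null" else m.group(2))
            for m in re.finditer(pattern, pm_output, re.M)}

def audit(setting, pm_output):
    """Return one finding per enabled accessibility service not on the allowlist."""
    installers = parse_installers(pm_output)
    findings = []
    for pkg, cls in parse_accessibility(setting):
        if pkg in ALLOWED_PACKAGES:
            continue
        src = installers.get(pkg)
        reason = ("not on allowlist" if src in TRUSTED_INSTALLERS
                  else "sideloaded or unknown installer")
        findings.append({"package": pkg, "service": cls,
                         "installer": src, "reason": reason})
    return findings

# Constructed sample output (not from a real device).
SAMPLE_SETTING = ("com.google.android.marvin.talkback/"
                  "com.google.android.marvin.talkback.TalkBackService:"
                  "com.example.updater/.core.HelperService:"
                  "com.example.reader/com.example.reader.ReadAloud")
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.updater  installer=null
package:com.example.reader  installer=com.android.vending
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_SETTING, SAMPLE_PM):
        print(finding)
```
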
Main features of the malware:

- Full access to the device through abuse of the accessibility service
- Overlay phishing to capture sensitive data
- Advanced keylogger able to record input even in secure apps
- Screenshots invisible to the user, taken to steal codes from 2FA apps
- Communication with a C2 server to transmit stolen data
- Active evasion of protections in Android 13+ systems

Dissemination and Purpose

The malware was first identified in Spain and Turkey, but researchers predict a rapid global expansion of its reach. The main goal of Crocodilus is…
Filed under: News - @ March 31, 2025 12:23 pm