A new banking Trojan attacks Android phones silently. It is called Crocodilus and is highly effective because it uses an imperceptible black screen.
The virus makes it easier for cybercriminals by silencing the device to steal banking credentials.
“It targets people in Spain and Turkey, and its success has surprised both banks and cryptocurrency platforms.” The specialists at ThreatFabric were responsible for the discovery, and “it poses a very comprehensive threat because it is equipped with modern techniques such as remote control, black screen overlays, and advanced data collection through accessibility logging, among others.”
The Trojan is installed using a dropper, an executable malware that can bypass restrictions on Android 13 and later. Once installed, it requests the Accessibility Service be enabled for proper operation and “connects to the command server to receive instructions, which include the list of target apps, as well as the interface that will impersonate the legitimate app (overlays) to steal user credentials.”
Crocodilus can perform keylogging, which relies on a keylogger or keystroke log, and thus records on-screen password input. By acting remotely, it facilitates the actions of cybercriminals.
M.Pino
Source: 20minutos
(Reference image source: Denny Müller on Unsplash)
Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram