A recent piece of malware targets Android devices, stealing user information and taking over the devices
A new threat is already emerging despite Google's efforts to reduce the amount of malware that spreads on Android: a financial infection that could put users' mobile phones in grave danger.
Although Google is making every effort, it is evident that not all threats that come through Android can be prevented in the first place. The most recent one gets past Google Play Protect's security measures to infiltrate users' phones with malicious intent.
Google Play Protect, which is available in the Google Play Store, is unable to stop or detect this malicious threat, which was found by ThreatFabric. Additionally, it works on all impacted devices running Android 13 or later and is not restricted by accessibility settings or other safeguards based on the Android operating system.
The main goal of the malware, known as Crocodilus, is to steal the cryptocurrency wallets of its victims. When users lose this access, their accounts become totally vulnerable. Since many people's wallets are filled with cryptocurrency, cybercriminals try to take control of it, move it to other wallets, and then sell it. But losing cryptocurrency is just one aspect of the infection.
This virus instructs the user to backup their account access key within 12 hours after it appears on their screen. The cybercriminals' message makes it clear that they risk having their wallet account reset and losing access to it if they do not make a backup. Naturally, it is natural to become alarmed and fear losing access to our cryptocurrency wallet, so it makes sense that some people have fallen for this trick.
Even worse, Crocodilus continues to attack after deleting all of your cryptocurrency and emptying your wallet. Subsequently, the malware grants cybercriminals command over your mobile device. They can then remotely carry out a variety of tasks, including installing apps and stealing your data. This is not any more dangerous than having your cryptocurrency stolen, but it is still concerning because it could give them access to other financial apps.
As before, the malware takes over the accessibility service and gets past the phone's security measures. Hackers can take and send screenshots, send text messages, forward calls, and carry out other highly regarded commands as soon as the virus takes over the phone.