The malware Crocodilus is proliferating around the world with a new feature of crypto wallet and bank hijacking

PANews reported on June 3 that, according to Cointelegraph, the Android banking Trojan Crocodilus has recently upgraded and began to attack cryptocurrency users and bank customers around the world. Security firm ThreatFabric found that the malware had spread from its original Turkish region to Poland, Spain, Argentina and other countries. The latest variant is capable of spreading malicious programs disguised as browser updates through Facebook ads, using overlay attacks to steal login credentials from banks and encrypted apps. The Trojan adds the ability to automatically extract the mnemonic phrase and private key of a cryptocurrency wallet, as well as modify the victim's address book to implant a fake "bank support" number. Attackers can now rent crypto stealing tools to commit crimes for 100-300 USDT per visit. Security experts are warning users to be wary of app updates and ad links from unknown sources.

9.64K

The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.