Cyber Thieves Unleash Stealthy Banking Malware Crocodilus

Saturday 29th of March 2025 16:41:36

New Sophisticated Crocodilus Mobile Banking Trojan Emerges

A new and highly sophisticated mobile banking Trojan, dubbed Crocodilus, has been discovered by researchers at Kaspersky Lab. The malware is designed to target mobile banking users and steal sensitive financial information, including login credentials, transaction data, and sensitive personal information.

Crocodilus is a highly advanced Trojan that uses a combination of social engineering tactics and advanced encryption techniques to evade detection. The malware is designed to mimic the look and feel of legitimate mobile banking apps, making it difficult for users to distinguish it from the real thing.

Once installed on a victim's device, Crocodilus can steal sensitive financial information, including login credentials, transaction data, and sensitive personal information. The malware can also intercept and manipulate text messages, allowing it to intercept one-time passwords (OTPs) used for two-factor authentication.

Crocodilus is also capable of updating itself to evade detection by security software. The malware uses a combination of encryption and obfuscation techniques to hide its code and communication with its command and control (C2) servers.

Researchers at Kaspersky Lab have identified several key features of Crocodilus, including:

  • The ability to steal login credentials and transaction data from popular mobile banking apps
  • The ability to intercept and manipulate text messages, including OTPs
  • The ability to update itself to evade detection by security software
  • The use of advanced encryption and obfuscation techniques to hide its code and communication with its C2 servers

Crocodilus is the latest in a long line of sophisticated mobile banking Trojans that have been discovered in recent years. The malware is a reminder of the ongoing threat posed by mobile banking Trojans and the importance of using robust security measures to protect sensitive financial information.

In response to the discovery of Crocodilus, Kaspersky Lab is urging mobile banking users to take steps to protect themselves from this type of malware. This includes using robust security software, avoiding suspicious links and attachments, and keeping mobile devices and operating systems up to date.

The discovery of Crocodilus is a reminder of the ongoing threat posed by mobile banking Trojans and the importance of using robust security measures to protect sensitive financial information. Mobile banking users are urged to take steps to protect themselves from this type of malware and to stay informed about the latest threats and vulnerabilities.