Android malware ‘Crocodilus’ can take over phones to steal crypto
Once a targeted banking or cryptocurrency app is opened, a fake overlay launches over the top and mutes the sound while the hackers take control of the device.
Cybersecurity firm Threat Fabric says it has found a new family of mobile-device malware that can launch a fake overlay for certain apps to trick Android users into providing their crypto seed phrases as it takes over the device.
Threat Fabric analysts said in a March 28 report that the Crocodilus malware uses a screen overlay warning users to back up their crypto wallet key by a specific deadline or risk losing access.
“Once a victim provides a password from the application, the overlay will display a message: Back up your wallet key in the settings within 12 hours. Otherwise, the app will be reset, and you may lose access to your wallet,” Threat Fabric said.
