Android phone users are facing a new warning about potential cyber threats that could lead to financial losses if ignored. Cybercriminals have launched an attack named “Crocodilus” targeting Android devices with a deceptive tactic aimed at stealing money, posing a significant risk to affected individuals.
The attack, as reported by cybersecurity experts at Threat Fabric, initiates through enticing advertisements on popular social media platforms. These ads prompt users to download an app promising prizes and financial rewards. However, once the app is installed, it infects devices with Crocodilus, a malware that can manipulate users’ contact lists by adding names and numbers without their knowledge.
Threat Fabric highlighted a concerning feature of Crocodilus, stating, “A key feature update is the ability to modify the contact list on an infected device.” This manipulation includes adding phone numbers under convincing names like “Bank Support,” enabling attackers to contact victims while appearing legitimate and potentially bypassing fraud detection mechanisms.
This scam poses a serious threat to users’ financial security if they overlook the tampering of their contacts. In response to this evolving threat, Threat Fabric advises Android users to remain vigilant against such attacks.
To safeguard against malicious apps, it is recommended to download applications solely from official sources like Google’s Play Store. Additionally, before installing any software, users should verify the developer’s authenticity and review feedback, as this can help identify potential issues with the app prior to installation.