En
menu
Site language
Ru En
Социальные сети

cointelegraph.com Crocodilus malware explained: how it targets android crypto wallets

What is Crocodilus malware? Crocodilus is the latest in a string of Android crypto malware built to steal your cryptoassets.Crocodilus is a sophisticated piece of malware that steals digital assets from Android devices. Named after crocodile references scattered throughout its code, Crocodilus targets Android 13 devices or later. The Android wallet malware utilizes overlays, remote access and social engineering to take over your device and drain your crypto wallet. Fraud prevention firm Threat Fabric discovered Crocodilus malware in March 2025 and published detailed research on the new virus. As of April 2025, users in Spain and Turkey are the primary targets. Threat Fabric predicts Crocodilus will expand globally in the coming months. How Crocodilus infects Android devices Crocodilus’ primary method of infection is still unknown, but it likely follows a path similar to other malware.What sets Crocodilus apart from typical crypto wallet malware is how deeply it integrates with your device. It does more than just trick you via social engineering. It takes complete control of your Android.While the leading cause of infection is unknown, malware like this often appears in a few ways:Fake apps: Crocodilus may disguise itself as a legitimate cryptocurrency-related app on the Google Play Store or on third-party app-hosting sites. Threat Fabric says the malware can bypass the Google Play Store’s safety scanners.SMS promotions: SMS scams are increasingly common. If you receive a random text with a suspicious link, don’t click on it. It may redirect you to a page that downloads malware.Malicious advertising: Infected ads run rampant on adult or software piracy websites. Each ad is strategically placed to make you accidentally tap, and it only takes one tap to download malware.  Phishing attempts: Some malware campaigns send malicious phishing emails that impersonate cryptocurrency exchanges. Double-check the sender’s e-mail address to verify its legitimacy.Once Crocodilus infects your device, the malware will request accessibility service permissions. Accepting these permissions connects Crocodilus to its command-and-control (C2) server, where attackers can display screen overlays, track keystrokes or activate remote access to control your device.However, the malware’s main identifying trait is its wallet backup trick. If you log into your cryptocurrency wallet app using a password or PIN, Crocodilus displays a fake overlay. It reads: “Back up your wallet key in the settings within 12 hours. Otherwise, the app will be reset, and you may lose access to your wallet.” If you click “continue,” Crocodilus prompts you to type in your seed phrase. The malware tracks your inputs via its keylogger. Then, the attackers have everything they need to steal your assets.Crocodilus’ fake overlay imitates legitimate wallet software. Its “continue” button is easy to press without thinking, but know that a recognizable wallet app would never urge you to back up your wallet in this way. If you see this overlay, uninstall the app and consider a clean install of your device.Unfortunately, keylogging is just the start. Crocodilus circumvents two-factor authentication (2FA) processes via its screen recorder, capturing verification codes from apps like Google Authenticator and sending them to C2.  Worst of all, Crocodilus displays a black overlay and mutes your device’s audio to cover up its activities. It pretends your phone is locked while silently stealing your assets in the background. The malware can conduct 45 commands in total, including:SMS takeover: Crocodilus can retrieve your text messages, text your contacts list, and even make itself your default SMS app.Remote access: The malware takes complete control of your device, allowing it to open apps, activate your camera or start your screen recorder.Modify text: While Crocodilus tricks you into inputting your wallet information, it can alter or generate text to help C2 access your private apps using data it finds on your device.Did you know? Stealthy malware threats to crypto wallets are common. Zero-click attacks — malware that infects your device without any input from you — are another form of crypto malware in 2025. What if you’ve fallen victim to a Crocodilus attack? Falling victim to Crocodilus requires immediate action.If you’ve fallen victim to the Android Trojan Crocodilus, immediately follow these crypto wallet protection tips:Isolate your device: Disconnect your device from Wi-Fi or data and turn it off. Remove the battery if possible.Recover your assets: You should have your wallet’s seed phrase stored in a safe, physical location. Use it to recover your wallet to an uncompromised device.Get rid of your infected device: Unfortunately, using your infected device is a massive risk. Factory resetting it might not get rid of the malware. Moving to another device is your safest option.Report the threat: If you downloaded a malicious app, such as one from the Google Play Store, report it to the relevant parties.Did you know? If you lose your cryptoassets, there’s no getting them back. Some may consider this one of the downsides to decentralization — a lack of a central authority to monitor and insure theft. How to check for a Crocodilus attack Regular checks go a long way toward protecting your cryptocurrencies. Learn how to detect crypto malware.While Crocodilus manipulates your device in secret, there are some telltale signs of infection to watch out for. Here’s how to protect crypto on Android if you’re suspicious of a Crocodilus attack:Suspicious app activity: Check your device activity tracker. An unaccounted-for uptick in cryptocurrency or banking apps may be cause for concern.Check app permissions: Regularly review the app permissions you've allowed, especially those that request accessibility permissions. Increased battery drain: A small but significant sign of infection is increased battery drain. If your battery drains faster than usual, your phone may be running malware in the background. Data usage spikes: Crocodilus continually transmits data to its C2 server. Monitor your data usage and be aware of any sudden increases. This is one of the most apparent signs your wallet app is compromised. How to prevent a Crocodilus hack Prevention is the best form of protection.According to blockchain analysis firm Chainalysis, an estimated $51 billion in cryptocurrencies was stolen via crypto hacks in 2024. The group expects this number to increase in 2025 and beyond. Cybersecurity is more important than ever as we continue to move toward decentralized digital finance.While it’s impossible to remain 100% safe from cyberthreats, consider adopting the following behaviors to protect yourself. Crypto wallet security in 2025 is more important than ever:Browse safely: Avoid suspicious websites that exist to trap users into downloading Crocodilus and other malware stealing crypto keys.Use a hardware wallet: As of April 2025, Crocodilus targets Android devices, specifically. Keeping your cryptocurrencies in a hardware wallet limits the malware’s reach.  Triple-check app downloads: Don’t side-load applications from unsafe websites. Make sure to triple-check apps on the Google Play Store and only download those you’re sure are official.Check official sources: Follow reputable cybersecurity websites, subreddits and other spaces to stay current on Crocodilus protection methods.Finally, be wary of unexpected backup prompts and monitor app behavior for suspicious activity.

cointelegraph.com
скрыть

news.bitcoin.com Iran Unleashes Missile Blitz on Israel—Dow Tanks Over 800 Points

On Friday, around 2 p.m. Eastern time, reports show that Iran has begun counterstrikes firing “hundreds” of ballistic missiles toward Israel. Wall Street Sinks as Israel-Iran Conflict Erupts in Missile Onslaught CNN reported that the Israeli military said it identified incoming missiles launched from Iran, and the news station heard the explosions in Tel Aviv […]

1 news.bitcoin.com
скрыть

bitcoinist.com The Curse Of Ethereum: First-Ever ETH Treasury Company Suffers Sharo 73% Crash – Details

Sharplink Gaming (SBET), which became the first public company to establish an Ethereum treasury, hasn’t had it easy since making this major move. The company’s shares have plummeted amid reports that investors plan to offload their stocks following the creation of the ETH Treasury.  Sharplink Gaming’s Stock Plummets Following Ethereum Treasury Move In an X […]

5 bitcoinist.com
скрыть

ambcrypto.com Why is crypto down today? Israel-Iran escalations, $1B liquidations trigger sell-off

Israel’s strike on Iran triggered $1.16 billion in crypto market liquidation.  There was high hedging activity ahead of the FOMC meeting; BTC’s $100K was a key support to watch.  BitcoThe post Why is crypto down today? Israel-Iran escalations, $1B liquidations trigger sell-off appeared first on AMBCrypto.

9 ambcrypto.com
скрыть

news.bitcoin.com Middle East Conflict Heats up and Bitcoin Drops, but Not by Much

Israel launched a pre-emptive attack on neighboring Iran late Thursday, triggering a retaliation on Friday. Markets tanked, but bitcoin’s dip wasn’t particularly dramatic, all things considered. Bitcoin Shows Resilience Despite Middle East Turmoil Israel sent 200 fighter jets to bomb various nuclear facilities in Iran on Thursday evening in an unprecedented pre-emptive attack that killed […]

10 news.bitcoin.com
скрыть

bitcoinmagazine.com Pakistan’s Strategic Bitcoin Reserve: A Step Toward Orange-Pilling a Nation?

Bitcoin Magazine Pakistan’s Strategic Bitcoin Reserve: A Step Toward Orange-Pilling a Nation? A strategic Bitcoin reserve is a step in the right direction for Pakistan, but only mass adoption will truly unlock the immense potential Bitcoin can offer. This post Pakistan’s Strategic Bitcoin Reserve: A Step Toward Orange-Pilling a Nation? first appeared on Bitcoin Magazine and is written by Ghaffar Hussain.

11 bitcoinmagazine.com
скрыть

news.bitcoin.com Sonic Labs’ S Token Now Spendable via Redotpay Crypto Card

Sonic Labs, previously known as Fantom, has revealed a partnership with Redotpay Card, enabling users to spend its native S token and stablecoins like traditional debit or credit cards. S Token Gains Real-World Spending Utility Through Redotpay Card The card, functional wherever Apple Pay or Google Pay is accepted, aims to increase the everyday usability […]

14 news.bitcoin.com
скрыть

blockonomi.com XRP Ledger Powers First Biometric Blockchain ID with Genomic Hash Mesh Integration

TLDR: DNA Protocol uses XRP to anchor hashed DNA data for real-time biometric identity verification. Genomic Hash Mesh validates genome sequences using Merkle proofs and zk-compression. BioFi enables KYC, health passports, and DeSci models without exposing raw DNA data. Despite innovation, XRP price dips 5.2% as market volatility overshadows long-term potential. The XRP Ledger has [...] The post XRP Ledger Powers First Biometric Blockchain ID with Genomic Hash Mesh Integration appeared first on Blockonomi.

17 blockonomi.com
скрыть

bitcoinist.com Bitcoin SOPR Indicator Sees Steady Decline Even As BTC’s Price Rallies – Here’s What It Means

Bitcoin’s price has displayed remarkable resilience as the largest crypto asset holds strong above the $100,000 milestone despite several pullback attempts. During the robust bullish performance of BTC in the past few weeks, on-chain data shows that the SOPR indicator has been dropping sharply. Key Bitcoin SOPR Indicator Dips Sharply As Bitcoin continues to show […]

18 bitcoinist.com
скрыть

btcmanager.com Charles Hoskinson floats $100m ADA treasury reboot to stabilize Cardano ecosystem

With just $31 million in stablecoins against $356 million in total value locked, Cardano’s founder has proposed unprecedented treasury diversification into Bitcoin and native dollar-pegged assets to boost the network’s decentralized finance and stablecoin ecosystem. On June 12, Cardano co-founder…

23 btcmanager.com
скрыть

news.bitcoin.com Brazilian Authorities Terminate Exemptions, Aims to Tax Crypto Held in Self Custody

Brazilian authorities issued a Provisional Measure that terminates the previous tax regime and introduces a new ruleset to tax all crypto-derived profits. The new rule also states that these measures apply to crypto held in self-custody wallets and digital assets held abroad. Brazilian Government Announces New Crypto Tax Regime, Throws Self-Hosted Assets in the Mix […]

26 news.bitcoin.com
скрыть

bitcoinist.com $500 Million XRP Power Play: Singapore Giant Plans Massive Treasury Move

According to reports, Trident Digital Tech Holdings Ltd, a Singapore-based firm listed on Nasdaq, plans to raise up to $500 million to build one of the first large-scale XRP treasuries. The company aims to kick off the project in the second half of 2025, subject to regulatory clearance and market conditions. It will tap equity […]

58 bitcoinist.com
скрыть

btcmanager.com Meta’s superintelligence and Sam Altman’s AGI could boost these crypto AI tokens

Artificial intelligence has taken centre stage with technology giants like Meta, Open AI and Alphabet Inc’s Google racing to develop AGI, Superintelligence and faster, more efficient models in 2025. The race involves multi-billion dollar acquisitions, investments and capital flows to sectors like Crypto AI tokens, offering traders an opportunity to profit from a slice of the Artificial Intelligence pie.

60 btcmanager.com
скрыть

bitcoinmagazine.com UK Gold Mining Company Bluebird to Convert Gold Revenues into Bitcoin

Bitcoin Magazine UK Gold Mining Company Bluebird to Convert Gold Revenues into Bitcoin Bluebird Mining Ventures Ltd. will adopt bitcoin as a treasury reserve asset and convert future gold revenues into Bitcoin. This post UK Gold Mining Company Bluebird to Convert Gold Revenues into Bitcoin first appeared on Bitcoin Magazine and is written by Oscar Zarraga Perez.

63 bitcoinmagazine.com
скрыть

blockonomi.com Dogecoin (DOGE) Price Could Dip Further, Expert Warns: Here’s Why

TLDR: Dogecoin (DOGE) remains in a weekly downtrend after multiple rejections near $0.22 and $0.20 resistance. Analysts monitor a possible double bottom forming near $0.13 as bearish momentum slows. Daily volume surged over 66%, pointing to growing investor attention near support. DOGE must reclaim $0.20 to confirm reversal; breakdown risks fall to $0.13 zone. Dogecoin [...] The post Dogecoin (DOGE) Price Could Dip Further, Expert Warns: Here’s Why appeared first on Blockonomi.

64 blockonomi.com
скрыть

news.bitcoin.com Retail Titans Amazon and Walmart Reportedly Weigh Stablecoin Options

As enthusiasm for stablecoins keeps gaining traction among big corporations, sources say retail titan Walmart and e-commerce powerhouse Amazon are actively exploring the possibility of launching their own digital dollar-pegged tokens. Wall Street Journal Sources Say Amazon, Walmart May Step Into Stablecoin Market As of press time, the combined value of all circulating stablecoins has […]

66 news.bitcoin.com
скрыть

blockonomi.com DeFi Development Corp. Raises $5B to Buy More Solana: Details

TLDR: DeFi Development Corp. inks $5B equity line to scale Solana holdings and expand its SPS-focused treasury. New capital strategy avoids dilution while enhancing validator yield and shareholder value. Solana price drops 7%, yet trading volume surges 64% amid large institutional accumulation. SPS model ties public equity performance directly to Solana treasury growth and staking [...] The post DeFi Development Corp. Raises $5B to Buy More Solana: Details appeared first on Blockonomi.

69 blockonomi.com
скрыть

bitcoinmagazine.com JPMorgan Reports Record Profits for Bitcoin Miners in Q1

Bitcoin Magazine JPMorgan Reports Record Profits for Bitcoin Miners in Q1 Bitcoin mining companies in the U.S. have kicked off 2025 with record performance, according to a recent report. The first quarter of the year was “one of Bitcoin miners’ best quarters to date,” analysts Reginald Smith and Charles Pearce stated.  “Four of the five operators in our coverage reported record revenue and profits,” the report […] This post JPMorgan Reports Record Profits for Bitcoin Miners in Q1 first appeared on Bitcoin Magazine and is written by Jenna Montgomery.

73 bitcoinmagazine.com
скрыть

bitcoinist.com Charles Hoskinson Proposes $1 Billion Cardano Sovereign Wealth Fund

Charles Hoskinson has laid out the broad contours of what he calls a “decentralized sovereign wealth fund” for Cardano, arguing in a 18-minute livestream on 12 June that the network’s treasury should be actively managed, diversified beyond ADA, and ultimately expanded into a multi-asset portfolio worth at least a billion dollars. Speaking from Colorado, the […]

74 bitcoinist.com
скрыть

news.bitcoin.com QCP Insights: Crypto Markets Tumble as Middle East Tensions Disrupt Global Sentiment

Fresh geopolitical tensions between Israel and Iran sparked sharp declines in crypto and global equities, sending oil prices higher and triggering $1 billion in crypto liquidations as markets brace for further instability. Oil Soars, Bitcoin Slips as Global Markets React to Middle East Conflict Global markets reeled overnight after Israel’s preemptive airstrike on Iran’s nuclear […]

83 news.bitcoin.com
скрыть

bitcoinist.com Crypto Con: Aussie Adviser Banned 10 Years Over $9.6 Million Scam

Australia’s financial watchdog has slapped a decade-long ban on a Sydney-based adviser after she sent client funds into a crypto operation flagged as risky. The Australian Securities and Investments Commission (ASIC) says Glenda Maree Rogan moved A$14.8 million ($9.6 million) into a platform already marked as unlicensed. Clients, family and friends reportedly lost out when […]

88 bitcoinist.com
скрыть

news.bitcoin.com Gold Climbs, Oil Surges, Stocks and Bitcoin Slide Amid Israel-Iran Conflict

On Thursday, Israel carried out overnight airstrikes targeting Iranian nuclear installations, dramatically heightening geopolitical friction across the Middle East. In response, major U.S. equity indices plunged on Friday. At the same time, gold has climbed 1.61% per ounce, while crude oil barrel prices vaulted over 5%. Dow Dives, Bitcoin Drops, Oil Erupts: Fallout From Israeli […]

95 news.bitcoin.com
скрыть