New Crocodilus Malware Grants Full Control Over Android Devices

The Mobile Threat Intelligence (MTI) team identified a formidable new player in the mobile malware landscape: Crocodilus, an Android banking Trojan designed for device takeover.

Initially observed in test campaigns with limited live instances, this malware has rapidly evolved, demonstrating a surge in active campaigns and sophisticated development.

A Rising Threat in the Android Ecosystem

What began as a regionally focused threat, primarily targeting Turkey, has now expanded into a global menace, reaching European nations, South America, and beyond.

This alarming progression, coupled with enhanced technical capabilities, positions Crocodilus as a critical concern for Android users and cybersecurity professionals alike.

Crocodilus has undergone significant updates, incorporating advanced obfuscation techniques to evade detection and complicate reverse engineering.

Its dropper and payload now employ code packing, XOR encryption, and convoluted code structures, making analysis challenging for security researchers.

Beyond technical enhancements, the malware introduces invasive features such ...