The new virus is emptying bank accounts. Experts warn

A new threat to smartphone users with Android. Crocodilus is an advanced banking Trojan that can impersonate known applications. After infecting the device, he gains almost full control over the phone, enabling cyber criminals to steal your login data and take over bank accounts.

Capturing passwords

According to Android.com.pl, the first cases of infection were detected in Turkey, but the virus quickly spread to other countries, including Poland, Spain, Brazil, India and the USA. Crocodilus works, replacing login screens in banking applications and cryptocurrency portfolios with its own versions, which allows you to capture logins and passwords. In addition, he intercepts SMS messages, including one -time passwords and verification codes.

Malicious software can also steal the so -called Seed phrases, i.e. keys enabling access to cryptocurrency wallets. In practice, this means the possibility of emptying the entire portfolio by cyber criminals. After obtaining the necessary permissions, the virus can also modify contacts on the phone, send SMS messages and redirect voice calls.

Fake ads

Crocodilus can hide their presence in the system, which means that users are often not aware of infection for a long time. In Poland, the virus usually goes to the phones via fake advertising on Facebook. Criminals create encouraging offers with “bonuses” or “free points” that lead to the installation of infected applications. These campaigns mainly aim at people over 35 and are very effective.

Specialists recommend caution – applications should be downloaded only from the official Google Play store. It is worth avoiding suspicious links and unknown sources. You should also update the software, use Play Protect and use anti -virus software with the function of regular device scans.