Crocodilus Trojan Hits Banks, Crypto in 8 Nations

A recently identified Android banking trojan known as Crocodilus has surfaced in at least eight countries across Europe and South America, according to a report from cybersecurity firm ThreatFabric. The malware is being deployed in an increasing number of malicious campaigns and is designed to target both banking applications and cryptocurrency wallets on infected devices.

Crocodilus incorporates advanced obfuscation techniques, making it more difficult for security analysts to detect and study the malware. One of its standout features is the ability to programmatically create new contacts within the victim’s address book, a tactic that may support further social engineering attacks or facilitate wider distribution.

The active spread of Crocodilus highlights the evolving threat landscape surrounding mobile financial platforms. Its dual focus on traditional banking apps and crypto wallets signals a growing interest among cybercriminals in exploiting both conventional and emerging financial technologies. Security researchers continue to monitor its development and regional impact.