TechFlow news, on June 4, SlowMist issued a security alert stating that the Android banking Trojan "Crocodilus," after a recent upgrade, has begun targeting global cryptocurrency users and banking applications. The main threats include:
Spreading through fake browser updates in Facebook ads;
Stealing login credentials via overlay attacks;
Extracting cryptocurrency wallet recovery phrases and private keys;
Injecting fraudulent "bank support" phone numbers into contact lists;
Malware-as-a-service: available for rent (USD 100–300 per attack).
Users are advised to be cautious of unknown app updates and ad links.




