A new mobile spyware called "Crocodilus," which targets users' bank accounts and cryptocurrency wallets, continues to spread rapidly in many countries, including Turkey. Initially infiltrating devices by disguising itself as an innocent Google Chrome browser, this virus is now luring thousands of people into traps through fake "bonus point" advertisements or fake system updates on Facebook.

Once installed on a device, this software operates quite stealthily, intercepting your banking application and stealing your passwords through fake, seemingly legitimate overlays. Its most surprising new feature, according to cybersecurity experts, is its ability to add new contacts to the phone book without the user's knowledge.

This allows hackers to create believable contact lists, such as "Bank Support," bypassing smartphone fraud alerts and gaining the victims' trust. One of the attackers' main targets is cryptocurrency investors. Using an automated tool, they can instantly copy cryptocurrency wallet passwords and empty accounts in seconds. While Google states that this virus is not present in its official app store and that security measures are in place, applications downloaded from the internet, social media ads, or external sources continue to pose a significant global threat.

Some of the precautions we need to take to protect against these types of attacks include:

• Do not open emails from untrusted sources.

• Use multi-factor authentication (MFA).

• Keep your system updated to the latest version at all times.

• Monitor login logs regularly.

• Track the security of mobile devices.

  
  

For detailed information, you can reach out to our experts at info@zerosecond.ae