The malware is said to affect users in Spain and Turkey but it is good for people to know about it. It can target your bank app, crypto wallets and have access to information on your device.
It can know what you typed that displayed on the screen. It is said to even be an advanced keylogger, revealing your authenticator OTP. It will deceive you into providing your wallet seed phrase and many more.
It is good to read more about it:
https://www.threatfabric.com/blogs/exposing-crocodilus-new-device-takeover-malware-targeting-android-devicesim really aware about this in the last few months . in some hacker forum they talk about this, more like a rat tools but now on smartphone . I can tell these sophisticated banking trojans are becoming increasingly dangerous.
The most alarming aspect of Crocodilus is its ability to capture authentication codes and screen content in real-time. This essentially defeats the purpose of two-factor authentication, which many crypto users rely on for security.
While it's currently targeting users in Spain and Turkey, these malware families typically expand their reach quickly. The threat actors often refine their techniques in smaller markets before going global.
For staying safe, I've found that device separation works pretty well for me. Even though I sometimes download random stuff from the internet, I never do it on my primary phone where I keep my banking and crypto apps. I use a separate device for "risky business" which has saved me a few times from potential issues.
This approach isn't perfect, but it's worked for me so far - keeping a clean device just for financial stuff and another for everything else. Not exactly Fort Knox security, but it's a practical middle ground that lets me still enjoy downloading stuff without constantly worrying.