< IMG SRC = "/Uploads/Blogs/F3/Be/IB-FRCRMV6DG_9EA2A6BB.jpg" Alt = "Experts exposed Android-Tyan, attacking cryptocurrency purse"/> < P > Researchers from Threat Fabric have found a new dangerous sample of harmful software for Android called Crocodilus. This Trojan is focused on theft of cryptocurrencies, in particular through imitation interfaces of popular applications and deception of users. The main purpose of malefactors & mdash; Get access to SEED-Fraz & mdash; keys to cryptomamen that allows all assets to be completely removed.
< p >The attack mechanism is based on the imposition of a false window on top of the real interface of the application. Crocodilus warns the user that you need to back up the key within 12 hours, otherwise the wallet will be reset. This psychological pressure makes the victim move to the section with the Seed-Phrase, which the feleing program writes through a accessibility system.
< P > The attackers can fully control the device by obtaining permission to access Android availability services. After that, the SV & Rsquo; Rsquo; Inspectorates, Receives Instructions, List of Target Applications and Pads Templates. Crocodilus can also do scripts, intercepts data introduction and run phishing pads on bank and cryptocurrency applications.
< p > has reported cases of distribution of this software in Turkey and Spain, but experts believe that the geography of distribution will expand. In the code of malicious software, marks were found in Turkish, which suggests & mdash; Authors of Tw & Rsquo; Audit with Turkey or are its carriers.
< p > Threat Fabric experts note the high level of complexity of this Troyan, which from the first version demonstrates the functionality characteristic of mature harmful systems: complete capture of the device, remote control, counterfeit pads and theft of confidential information. This indicates a new level of threat from the mobile malicious software in the cryptosphere.