Slow Fog: Android Banking Trojan "Crocodilus" Targets Cryptocurrency Users

ChainCatcher message, SlowMist has released a security alert that the Android banking Trojan "Crocodilus" has recently upgraded, leading to attacks targeting global cryptocurrency users and banking applications. The main threats include: spreading through fake browser updates in Facebook ads; using overlay attacks to steal login credentials; extracting cryptocurrency wallet recovery phrases and private keys; injecting fake "bank support" numbers into contact lists; malware as a service: available for rent (100-300 USD per attack). Users are reminded to avoid unknown app updates and ad links.