Android smartphone owners are at risk of a new wave of digital fraud. Cybersecurity experts at ThreatFabric have reported on the dangerous Crocodilus malware, which spreads through fake social media ads and masquerades as legitimate apps.
How does Crocodilus work?
The malware spreads under the guise of “profitable” applications that promise winnings or financial bonuses. The user sees a supposedly official advertisement, clicks on the link, installs the application, and opens the door for the malware.
Crocodilus is particularly dangerous because it not only steals personal data, but also modifies the contact book on the victim’s device. It is able to add phone numbers under names like “Bank Support” so that attackers can call from these numbers and pretend to be employees of financial institutions. This allows them to bypass protection systems that usually block unknown numbers.
The goal of the attackers is to steal money and trick the user into revealing confidential data.
Why is this important?
Such methods have already been used in financial scams. But Crocodilus is one of the first viruses to automatically change contacts, making fake calls even more convincing.
How to protect yourself: expert advice
- Download apps only from the official Google Play store. Avoid third-party sources.
- Check the app developer and read reviews.
- If something concerns you, do not install the app.
- Update your antivirus regularly and check application permissions.
- If you receive suspicious contacts or calls from a "bank," do not respond and contact the real institution directly.
The ThreatFabric team urges Android users to be extremely cautious, as mistakenly clicking on an ad can cost not only money but also privacy.

