Cybersecurity researchers have discovered a new Android banking malware named Crocodilus, targeting primarily users in Spain and Turkey. The malware, designed for device takeover and fraudulent transactions, demonstrates advanced techniques like remote control and data harvesting. It disguises as Google Chrome, bypasses Android’s restrictions, targets financial apps and crypto wallets. Its features include launching specified apps, capturing screen contents, and concealing its actions via a black screen overlay and muting sounds.

Watch Out for CAPTCHAs That Install Malware
Cybercriminals impersonate CAPTCHAs to deliver malware. They exploit users’ familiarity with CAPTCHA by asking them to follow steps which include running a command prompt, opening