Skip to main content
Daily Mirror

All Android phone users told to 'stay vigilant' - ignoring new alert will be costly

Android users are, once again, being urged to stay alert and be careful before installing apps onto their phones.

Comments
Dave Snelling Technology Editor
06:50, 04 Jun 2025

There's another new warning for those with Android phones in their pockets, and ignoring this latest alert could prove very costly. It appears cyber crooks are, once again, trying their luck at targeting Android phones and this time they are using an attack that's been branded "Crocodilus".


This threat uses a clever tactic in a bid to steal money, and it could prove highly lucrative for the scammers and very damaging for those affected.


According to the team at Threat Fabric, the worrying attack begins via adverts displayed on popular social media platforms. These pop-ups, which look highly convincing, encouraged users to download an app to claim prizes and financial incentives.


READ MORE: Watch out Freeview - Sky confirms cheaper way to watch TV and it launches this month

However, once installed, the app then sets about infecting devices with Crocodilus, and one of the scariest features of this bug is its ability to add names and numbers to users' contact lists.

"A key feature update is the ability to modify the contact list on an infected device," Threat Fabric explained.

"We believe the intent is to add a phone number under a convincing name such as “Bank Support”, allowing the attacker to call the victim while appearing legitimate. This could also bypass fraud prevention measures that flag unknown numbers."


It's a worrying scam that could leave users out of pocket if they drop their guard and aren’t aware that their contacts have been tampered with.

READ MORE: UK Gmail and Yahoo users put on high alert and told to follow 4 important new rules

Threat Fabric is now urging all Android users to "stay vigilant".

"The latest campaigns involving the Crocodilus Android banking Trojan signal a concerning evolution in both the malware's technical sophistication and its operational scope," the Threat Fabric team added.

Article continues below

"As Crocodilus continues to evolve, organisations and users alike must stay vigilant and adopt proactive security measures to mitigate the risks posed by this increasingly sophisticated malware."

One good piece of advice is to download apps only from official online marketplaces such as Google's Play Store.

Before installing any software, it's also a good idea to check the developer and read the reviews as these will often give you a good idea of issues with the app before installing it.

Follow Daily Mirror:


GoogleAndroidApps

reach logo

At Reach and across our entities we and our partners use information collected through cookies and other identifiers from your device to improve experience on our site, analyse how it is used and to show personalised advertising. You can opt out of the saleor sharing of your data, at any time clicking the "Do Not Sell or Share my Data" button at the bottom of the webpage. Please note that your preferences are browser specific. Use of our website and any of our services represents your acceptance of the use of cookies and consent to the practices described in our Privacy Notice and Privacy Notice.