![[The AI Show Episode 151]: Anthropic CEO: AI Will Destroy 50% of Entry-Level Jobs, Veo 3’s Scary Lifelike Videos, Meta Aims to Fully Automate Ads & Perplexity’s Burning Cash](https://www.marketingaiinstitute.com/hubfs/ep%20151%20cover.png)
![[DEALS] FileJump 2TB Cloud Storage: Lifetime Subscription (85% off) & Other Deals Up To 98% Off – Offers End Soon!](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
![From electrical engineering student to CTO with Hitesh Choudhary [Podcast #175]](https://cdn.hashnode.com/res/hashnode/image/upload/v1749158756824/3996a2ad-53e5-4a8f-ab97-2c77a6f66ba3.png?#)
_sleepyfellow_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![Apple Shares Official Trailer for 'The Wild Ones' [Video]](https://www.iclarified.com/images/news/97515/97515/97515-640.jpg)
[UPDATED] New Android Trojan Can Fake Contacts to Scam You — Meet Crocodilus
The post [UPDATED] New Android Trojan Can Fake Contacts to Scam You — Meet Crocodilus appeared first on Android Headlines.
![[UPDATED] New Android Trojan Can Fake Contacts to Scam You — Meet Crocodilus](https://www.androidheadlines.com/wp-content/uploads/2022/12/Android-malware-image-1.jpg)
One of the easiest ways to avoid scam calls is to ignore calls from numbers you don’t know. It sounds easy enough, right? Unfortunately, a recently-discovered Android trojan called Crocodilus is making that more complicated for users.
Beware the Crocodilus Android Trojan
A recent Threat Fabric report revealed some details about the Crocodilus Android Trojan, which was initially discovered in March 2025. One of the more concerning features of the malware is its ability to create fake contacts on infected devices. Once a device is infected with the Crocodilus Trojan, it can create a fake contact in your contacts list.
This means that when you receive a call from the number, it won’t appear as an unknown number. Instead, it will show up as a fake contact that the malware secretly created without you knowing. This is particularly dangerous, especially if the Trojan were to create a fake contact impersonating your bank or a family member.
According to Threat Fabric, “This further increases the attacker’s control over the device. We believe the intent is to add a phone number under a convincing name such as “Bank Support”, allowing the attacker to call the victim while appearing legitimate. This could also bypass fraud prevention measures that flag unknown numbers.”
The threat is going global
When initially discovered, Threat Fabric found that the malware was still in its early stages, with basic attempts at social engineering. It was also limited to a few small-scale campaigns in Turkey. However, the new report suggests that the malware is now going global.
The report says, “Another campaign is targeting Spanish users, distributing Crocodilus disguised as a browser update. The target list includes nearly all Spanish banks, clearly showing a regional focus. In addition to these targeted efforts, MTI has also observed smaller campaigns with very ‘global’ target lists, involving apps from Argentina, Brazil, Spain, the US, Indonesia, and India.”
So, what can you do to protect yourself? The usual safe practices apply here. Don’t open emails or download attachments from senders you don’t know. Also, avoid clicking on links sent in text messages or messenger apps from unknown contacts, or downloading apps or files from suspicious-looking websites. This might not protect you 100% from all attacks, but it’s a good place to start.
The post [UPDATED] New Android Trojan Can Fake Contacts to Scam You — Meet Crocodilus appeared first on Android Headlines.
