1. Forum
  2. tqwNet
  3. TQW GENTECH

  • This devious Android malware adds fake contacts to your phone to

    From TechnologyDaily@1337:1/100 to All on Wed Jun 4 12:30:08 2025
    This devious Android malware adds fake contacts to your phone to spoof
    trusted callers

    Date:
    Wed, 04 Jun 2025 11:27:00 +0000

    Description:
    Hackers found a way to add fake contacts to your Android phone, experts warn.

    FULL STORY ======================================================================Crocodil us Android trojan has been updated with new features Among them is the
    ability to add a fake contact and trick people into accepting calls The contacts don't sync with Google, experts say

    Security researchers have spotted a new Android malware variant called Crocodilus, and what makes it stand out is the ability to add new contacts to the target devices contacts list.

    Crocodilus was first spotted in late March 2025 by security researchers
    Threat Fabric, when it was described as a highly capable mobile banking
    Trojan using different techniques such as overlay attacks, keylogging, and abuse of Android s Accessibility Services, to steal sensitive data, access peoples bank accounts, steal cryptocurrency, and more.

    Now, the researchers are claiming the Trojan is evolving to bypass classic defense mechanisms and wreak even more havoc. One of the key newly introduced features is the ability to modify the contact list on an infected device.
    Bank support

    Upon receiving the command TRU9MMRHBCRO, Crocodilus adds a specified contact to the victims contact list, Threat Fabric explained.

    The goal of this feature is not only to increase the attackers control over the device, but also to make attacks harder to detect.

    We believe the intent is to add a phone number under a convincing name such
    as Bank Support, allowing the attacker to call the victim while appearing legitimate, the researchers explained. This could also bypass fraud
    prevention measures that flag unknown numbers.

    The good news is that the fake contact will not make it into peoples Google accounts, so it wont show up on other devices.

    Numerous other improvements were introduced in the latest version, as well, which are mostly focused on evading traditional detection mechanisms. Furthermore, the malware now seems to have expanded its target scope, from focusing mostly on Turkey, to going global.

    Android malware and Trojans are usually distributed through fake and third-party app stores, social media channels, and email.

    Therefore, users are advised to only download Android apps from reputable sources (such as the Google Play Store, or Galaxy Store), and even there - to be careful. Reading through the reviews, minding the download count, and checking the developers reputation is a good way to spot malware.

    Via BleepingComputer You might also like These dangerous Android malware
    apps have been installed millions of times Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-devious-android-malware-adds-fake- contacts-to-your-phone-to-spoof-trusted-callers


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)