On March 31, according to BleepingComputer, researchers from the security company ThreatFabric stated that a new malware called Crocodilus can steal seed phrases from Android users. The malware spreads through a proprietary driver and bypasses security protections on Android 13 (and higher versions), without triggering Play Protect when users install the malicious software.
The malware uses screen overlay to warn users to "backup wallet seed phrases within 12 hours" or risk losing access to their wallet.
