The Information Security Center warns Android users in Syria of malicious software stealing data.
April 12, 2025241 ViewsRead Time: 2 minutes
Font Size
16
The National Information Technology Agency, affiliated with the Syrian Ministry of Communications, warned users of Android-supported mobile devices against the spread of malicious software, such as banking Trojan software like Anasta Octo-Hook, which relies on advanced techniques to bypass security systems.
According to the Information Security Center Director at the agency, Engineer Jihad Alala, in his statement to "SANA," there is a new malicious software known as Crocodilud, targeting devices through sophisticated methods, including overlay attacks, keylogging, data collection, and misuse of accessibility services on the devices.
Explaining the software's operation, Alala said, "It continuously operates in the background of Android applications, monitoring launched applications, exposing overlays to steal victim credentials. This software is considered malicious software as a service (Malwere-as-a-Service), distributed through fake applications or phishing links, aiming to steal credential data and one-time passwords (OTP) with full control over the infected device."
Regarding the targeting of Android users in Syria, Alala pointed out that despite no recorded activity of Crocodilus in Syria so far, this initiative comes within the framework of the Information Security Center's keenness to enhance awareness of emerging digital threats and share global analyses.
As for precautionary measures to prevent the access of this malicious software to Android users, the Information Security Center Director urged installing applications through Google Play or very reliable sources.
