Hundreds of Android banking and crypto apps hit by dangerous new Rokarolla malware
- Zimperium finds new Android banking trojan “Rokarolla” targeting 217 banking/crypto apps
- Distributed via spoofed sites, third‑party stores, and social media; dropper masquerades as Google Play Protect
- Steals credentials via invisible overlays, hides itself, and adds extra spying features like keystroke logging, call blocking, and screen recording
Security researchers Zimperium discovered Rokarolla, a powerful Android banking trojan capable of stealing login credentials and other valuable information from more than 200 banking and crypto applications.
Rokarolla is being distributed through standalone (spoofed) websites, third-party app stores, and social media. It was not found on the Google Play Store or other official Android repositories.
These malicious websites are advertising Google Chrome and TikTok apps, but when users download them, they first get a dropper that pretends to be Android’s built-in anti-malware solution Google Play Protect. This dropper then offers Chrome and TikTok, laden with malware.
How to spot Rokarolla
Upon installation, Rokarolla...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE
