Rokarolla Android Banking Trojan Targets 217 Apps with Full Device Takeover Capabilities
By Zimperium
Summary
Rokarolla is a newly discovered Android banking trojan that spreads through malicious websites by impersonating popular apps like TikTok, Google Chrome, and WhatsApp. It targets 217 banking and cryptocurrency applications, utilizing 137 commands to execute device takeover through deceptive overlays, keylogging, SMS theft, and call blocking. The malware employs a dynamic command-and-control (C2) infrastructure to steal credentials and facilitate financial fraud, posing a significant threat to mobile banking security.
Source
hendryadrian.com
Key quotes
Rokarolla is a newly identified Android banking trojan that spreads through malicious websites, impersonates popular apps, and targets 217 banking and cryptocurrency applications.
It uses 137 commands, deceptive overlays, keylogging, SMS theft, call blocking, and dynamic C2 infrastructure to steal credentials and enable financial fraud.