All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Rokarolla Android Malware Targets 217 Banking and Crypto Apps, Steals PINs and Credentials

15d ago· 1 min readenNews

Summary

Rokarolla is a new Android malware that targets 217 banking and cryptocurrency apps with 137 remote commands. It steals lock-screen PINs, reads and sends SMS messages, rewrites clipboard data to redirect crypto payments, and disables Google Play Protect. The malware spreads through malicious websites posing as popular apps like TikTok and Chrome, using a dropper disguised as Google Play Protect to install the payload and request Accessibility access. It uses overlay attacks to display fake HTML login pages to capture credentials and card details, and can also overlay the lock screen to capture PINs.

Source

bskyRokarolla Android Malware Targets 217 Banking and Crypto Apps, Steals PINs and Credentialsbriefly.co

Key quotes

· 3 pulled
Rokarolla targets 217 banking and cryptocurrency apps and includes 137 remote commands.
It lifts lock-screen PINs, reads and sends SMS, rewrites the clipboard to redirect crypto payments, and disables Google Play Protect.
It uses overlays to display fake HTML login pages and captures typed credentials, including card details, while also overlaying the lock screen to capture PINs.
Snippet from the RSS feed
Rokarolla Android trojan targets 217 banking and crypto apps, using overlays and stolen credentials to take over devices, intercept SMS codes, and redirect crypto payments.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.