Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

AI-Generated Summary

3 sources

14 hours ago

1 views

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Photo: Bleeping Computer

Key Points

Zimperium’s zLabs reports a new Android banking trojan named Rokarolla.
Rokarolla targets 217 banking and cryptocurrency apps.
Researchers say the malware includes 137 remote commands controlled by an operator.
It can steal lock-screen PINs and can read and send SMS messages.
It can rewrite the clipboard to redirect crypto payments and can disable Google Play.

Security researchers at Zimperium’s zLabs report a new Android banking trojan, Rokarolla, designed to target 217 banking and cryptocurrency applications. The malware is associated with command-and-control infrastructure that Zimperium says is also behind the “Rokarolla” name. According to the researchers, Rokarolla contains 137 remote commands that enable an operator to take extensive control of an infected device.

The reported capabilities include extracting the phone’s lock-screen PINs, and reading and sending SMS messages, which can include verification codes. Researchers also state that the malware can manipulate the clipboard to redirect cryptocurrency payment details, potentially steering funds to an attacker-controlled destination. In addition to these theft and redirection functions, the malware can disable Google Play on the infected phone, which can affect the user’s ability to install security tools or updates.

Across the outlets, the common focus is on the trojan’s broad target list (217 banking and crypto apps), the size of its remote command set (137), and the primary mechanisms described for credential and funds theft.

How Outlets Covered This Story

BLE

Bleeping Computer

New Rokarolla Android malware targets 217 banking, crypto apps

A new Android banking trojan named Rokarolla is targeting 217 banking and cryptocurrency applications using an extensive set of 137 commands. [...]

9 hours ago

THE

The Next Web

A new Android trojan called Rokarolla targets 217 banking apps and can steal your PIN, SMS codes, and crypto wallet funds

Security researchers at Zimperium’s zLabs have documented a new Android banking trojan that targets 217 banking and cryptocurrency applications and carries 137 remote commands, giving an operator near-total control of an infected phone. The malware, which Zimperium calls Rokarolla after its command-and-control infrastructure, can steal lock-screen PINs, read and send SMS messages, rewrite the clipboard […] This story continues at The Next Web

11 hours ago

THE

The Hacker News

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends SMS, rewrites the clipboard to redirect crypto payments, and switches off Google Play

16 hours ago

We use cookies

This website uses cookies in order to enhance the overall user experience.

Take a look at our Cookies Policy for more information.

Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps

Sequoia’s Luciana Lixandru says Europe needs a ‘second act’ for tech growth

India’s gems and jewellery exports fall 2.49% in May

ASX edges higher as miners gain on easing oil prices and inflation outlook