A new Android banking Trojan targets 217 banking and cryptocurrency apps while giving attackers broad control over infected devices.
The malware is called Rokarolla and is distributed via malicious websites that disguise it as popular apps like TikTok and Google Chrome. Reports Mobile cybersecurity company Zimperium.
Zimperium says Rokarolla is designed to compromise financial and crypto apps with fake screens that appear on top of legitimate apps.
Malware can steal device unlock credentials, including PINs, patterns and passwords, by displaying a fake Android lock screen. Information entered into the fake screen is then sent to infrastructure controlled by the attacker, Zimperium says.
Rokarolla can also steal banking and cryptocurrency credentials when victims open targeted financial apps, the report says. Once the malware identifies the target application, it can display a fake login page to capture credentials or credit card information.
Zimperium says the malware contains 137 commands that allow attackers to take control of infected devices, collect SMS messages, steal contact lists, record user inputs, and monitor what appears on the screen.
Rokarolla can also block incoming calls, mute the device, and disable Google Play Protect, according to the report.
The cybersecurity firm says the malware can intercept SMS messages, send texts on behalf of victims and prevent users from receiving fraud alerts from banks.
Zimperium says Rokarolla is targeting more than 200 financial, cryptocurrency and social media apps, including 217 premium cryptocurrency and banking apps.
The company says the malware’s features are designed to facilitate financial fraud and prevent victims from interrupting malicious activity on infected devices.
newsletter)
 
Disclaimer: The opinions expressed in The Daily Hodl are not investment advice. Investors should conduct due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please note that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the purchase or sale of any assets including cryptocurrencies, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated image: mid-flight
