ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Mobile Security

Rokarolla Android banking trojan captures PINs, SMS codes, and crypto funds

Source headline: New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Threat level Critical
Signal strength 85/100
Source confidence 1 source
Published 2 days ago

Intelligence Summary

Zimperium zLabs reports a new Android banking and crypto malware called Rokarolla. It targets 217 banking and cryptocurrency apps and uses 137 remote commands to control infected devices. The trojan can steal lock-screen PINs and read and transmit SMS messages containing verification codes. It also rewrites the clipboard to redirect cryptocurrency payment addresses and may disable Google Play access. Users should treat it as a high-risk mobile compromise and review device security and app permissions.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#android #banking-trojan #sms-theft #pin-stealing #cryptocurrency #clipboard-hijacking
Original reporting The Hacker News New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Open original source

Related Pulse Signals

View all signals
Critical · Mobile Security Popa Android botnet tied to Alarum Technologies’ NetNut residential proxies High · Mobile Security Rokarolla Android Banking Trojan Targets 200+ Applications High · Mobile Security FTC alleges subscription scam networks use shell companies to evade app checks Medium · Mobile Security Apple will shift Hide My Email aliases to a new domain