THE article details the Rokarolla trojan, an advanced Android banking malware that not only drains bank accounts but also takes complete control of infected devices. Identified by Zimperium's zLabs, it targets 217 banking and cryptocurrency applications with 137 commands. The trojan spreads through deceptive sites resembling TikTok or Google Chrome, using a Google Play Protect impersonation to install its payload.
It isolates victims from their banks by blocking calls and stealing sensitive information via fake login pages and clipboard manipulation. Additionally, Rokarolla surveils users through timestamped screenshots and attempts to disable protective measures like Google Play Protect. Security experts warn that mobile threats are on the rise, with a significant increase in Android malware incidents.