BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

New Android Rokarolla Trojan Targets 217 Banking Apps

Rokarolla Android Trojan Hijacks 217 Banking Apps Using Overlay Attacks

  • A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications.
  • It uses sophisticated overlay attacks and 137 remote commands to gain near-total control of infected devices, stealing login credentials and redirecting cryptocurrency payments.
  • The malware disables Google Play Protect and spreads through malicious websites posing as popular apps like TikTok and Chrome.

Security researchers at Zimperium‘s zLabs documented a new Android banking trojan in June 2026, according to their report. This malware, named Rokarolla, is designed to target 217 banking and cryptocurrency apps using 137 remote commands for complete device control. It spreads via malicious websites disguised as well-known applications.

- Advertisement -

Once installed, a dropper disguised as Google Play Protect grants the malware Accessibility permissions. Consequently, Rokarolla can then disable Play Protect and execute its extensive attack toolkit. The theft primarily occurs through HTML overlay attacks on legitimate financial apps.

For each targeted app, the malware downloads a fake login page from its server. When a victim opens the real app, this overlay captures everything typed, including card details. A separate overlay mimics the Android lock screen to steal the device’s PIN, pattern, or password.

The trojan also reads and sends SMS messages, allowing it to intercept one-time banking codes. Meanwhile, it rewrites the clipboard to swap cryptocurrency wallet addresses and redirect payments. For surveillance, it uses Accessibility services to take silent screenshots instead of triggering visible recording prompts.

The malware’s capabilities, detailed in the company’s GitHub repository, outnumber earlier threats like the HOOK trojan. There is no software patch, as this is malware, not a product flaw. Therefore, standard defenses like installing apps only from Google Play and scrutinizing Accessibility requests are critical.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Strategy Sells $216M in BTC, Cash Hits $2.55B

Strategy sold 3,588 Bitcoin for roughly $216 million, its first major divestment after years...

Second amicus brief filed against Satoshi Bitcoin suit

The Digital Chamber filed a second amicus brief in New York Supreme Court opposing...

Bitcoin Has Further to Fall for Cycle Bottom Signal

One of Bitcoin's "cleanest cycle clocks" suggests that new macro lows are needed this...

Oil Plunges 20% as US-Iran Peace Deal Hangs in Balance

Brent and crude oil prices have fallen nearly 20% in a month after a...

Semiconductors Beat Big Tech, Crypto by 102% in H1

Semiconductor stocks surged 102% in H1 2026, crushing the Magnificent Seven and Bitcoin ...

Must Read

How To Travel With Bitcoin: 9 Travel Companies Accepting Bitcoin

Bitcoin travel is a reality, as several travel companies now accept payments in cryptocurrencies for their services.Those who have opened a Bitcoin account on...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading