logo

Rokarolla Android Banking Trojan Turns Smartphones Into Weapons Against Users

ID: 3a824f83-8f5a-5d77-a1d1-4719befa23cd

STIX ID: report--3a824f83-8f5a-5d77-a1d1-4719befa23cd

Feed Name: Security Boulevard

Threat Score
75/100

Date Published: 2026-06-25

Date Updated: 2026-06-25

Author: Teri Robinson

...
...

Rokarolla is a highly invasive Android banking Trojan distributed via malicious websites that masquerade as popular apps; it contains a sophisticated command set (137 commands) to seize full control of infected devices, harvest credentials and SMS, record keystrokes, block calls, deploy overlays, disable protections like Google Play Protect, and specifically target 217 banking and cryptocurrency apps to enable undetected financial fraud and sustained device surveillance.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.