Security researchers have identified a sophisticated new Android banking trojan that represents one of the most comprehensive mobile threats to emerge this year. Named Rokarolla, this malware exhibits an alarming range of capabilities that give attackers virtually complete control over compromised devices, with significant implications for financial institutions, cryptocurrency users, and security teams worldwide.
Discovered by experts at Zimperium's zLabs, Rokarolla specifically targets 217 banking and cryptocurrency applications across the Android ecosystem. What makes this threat particularly concerning is its extensive command structure, consisting of 137 remote commands that enable operators to perform a wide array of malicious activities on infected devices. Once installed, Rokarolla can steal lock-screen PINs, giving attackers the means to unlock the device and access all stored information. The malware can also intercept and manipulate SMS messages, potentially compromising two-factor authentication codes sent to the user. For cryptocurrency holders, the threat is especially severe, as Rokarolla can rewrite clipboard data to redirect crypto wallet transactions to attacker-controlled addresses, effectively stealing funds during transfer. Perhaps most disturbingly, the malware can disable Google Play Protect, removing a key security barrier that would otherwise help detect and remove the threat.
For security teams, the emergence of Rokarolla highlights several critical concerns. The breadth of targeted applications—spanning hundreds of banking and crypto platforms—suggests a focused campaign against financial assets that demands immediate attention from security professionals. The ability to bypass Android's built-in protections indicates a concerning evolution in mobile malware sophistication. Organizations should evaluate their mobile device management strategies, consider implementing additional verification steps for high-value transactions, and educate users about the risks of sideloading applications from unofficial