New Android Threat Steals Banking Information and Cryptocurrency

Security researchers at Zimperium discovered a new type of malicious software targeting Android phones. This malware, called Rokarolla, specifically attacks 217 different banking and cryptocurrency apps. Once installed on a phone, it can steal lock screen PINs, read and send text messages, and redirect cryptocurrency payments by changing information you copy and paste.

If you use an Android phone and have banking apps or cryptocurrency wallets installed, you could be at risk. Rokarolla gives criminals nearly complete control over an infected device. It can turn off Google Play Protect, which normally helps defend your phone. The malware steals the security codes sent via text message, allowing thieves to break into your accounts even if you have two factor authentication enabled.

Take these steps immediately to protect yourself. First, only download apps from the official Google Play Store and check reviews carefully before installing anything. Second, go to Settings, then Security, and make sure Google Play Protect is turned on and scanning your device. Third, review all apps currently installed on your phone and delete any you do not recognize or no longer use. Fourth, enable biometric login like fingerprint or face recognition for your banking apps instead of relying only on PINs. Fifth, contact your bank immediately if you notice any suspicious transactions or if your phone starts behaving strangely. For long term protection, keep your Android system updated with the latest security patches. Avoid clicking links in unexpected text messages or emails, even if they appear to come from your bank. Consider using a separate, older device for banking if you frequently download new apps on your main phone. Monitor your bank and credit card statements weekly for unauthorized charges.