What Happened
The Android malware allows its operators to take control of infected devices and harvest sensitive information. The post "Rokarolla Banking Trojan Targets 200 Applications" appeared first on SecurityWeek.
Why It Matters
According to SecurityWeek and underlying research by Zimperium, Rokarolla is a new Android banking trojan that targets roughly 200+ banking and cryptocurrency applications, abuses extensive device permissions, and enables full device takeover to harvest credentials, SMS, on-screen text, and other sensitive financial data.[1][2][3] The malware is distributed via malicious sites impersonating popular apps (e.g., Chrome, TikTok), then uses overlays, keylogging, and clipboard manipulation to steal and redirect financial transactions.[2][3]
From a CyberSE.AI perspective, this creates fintech AI risk where mobile banking and crypto apps—and any embedded or backend AI-driven fraud, scoring, or support models—can be systematically fed stolen or manipulated data, undermining transaction integrity, risk models, and KYC/AML controls. Financial institutions should use an AI Security Readiness Assessment to map how compromised endpoints and fraudulent inputs can flow into their AI systems, then harden model-facing APIs, add robust anomaly detection around AI-assisted decisions, and validate that fraud controls do not rely solely on endpoint trust.
CyberSE Analysis
This signal maps to fintech AI risk. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.
Recommended Actions
- Restrict AI agent tool permissions and production write paths.
- Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
- Add human approval workflows for high-impact or state-changing actions.
- Run prompt injection and indirect prompt injection tests against affected workflows.
- Document the owner, control gap, and remediation deadline for this risk class.
Source
https://www.securityweek.com/rokarolla-banking-trojan-targets-200-applications/