Android users have been placed on red alert following the discovery of fake apps that can steal personal data, including banking details. Security experts warn that hackers are once again targeting consumers with applications laced with the dangerous Rokarolla bug.
What Is Rokarolla Malware?
Once installed, Rokarolla can spy on devices and steal sensitive information such as banking logins. It can also create a fake lock screen that overlays the real one to capture PIN numbers, security patterns, or passwords.
How Are Users Infected?
This latest campaign, first identified by Zimperium, exploits Android's ability to sideload apps. When users search for popular apps like TikTok or Chrome, they may be redirected to rogue websites that offer official-looking software. If fooled, a fake version of the app is downloaded, along with Rokarolla in the background. The apps then request extensive permissions, such as access to notifications, which can easily be granted due to their legitimate appearance.
What to Do
To avoid infection, only download apps from the official Google Play Store. Sideloading always carries risks. Ensure Google Play Protect is enabled, as it can block this malware.
