Security experts are warning Android users about a new threat called Rokarolla, a dangerous malware that can infiltrate devices and steal sensitive information like banking details. The malware can even create a fake lock screen to capture passwords and PIN numbers.
The Rokarolla bug is being spread through fake applications that are downloaded from unofficial sources by exploiting Android’s sideloading feature. Users searching for popular apps like TikTok or Chrome may be redirected to deceptive websites offering counterfeit versions of the apps bundled with Rokarolla.
Once the fake app is installed, users are prompted to grant various permissions, making it easy for cybercriminals to access personal data. Rokarolla targets a wide range of financial, social media, and cryptocurrency applications, evading traditional mobile security measures.
To stay safe, experts recommend only downloading apps from the official Google Play Store and enabling Google Play Protect. Sideloading apps from unofficial sources poses significant risks, and activating Google’s security features can provide added protection against threats like Rokarolla.