Rocinante Malware Lets Hackers Hijack Android Devices

Brazilian-origin malware Rocinante, a new banking trojan, has emerged, targeting local banking institutions and leveraging the Accessibility Service. It captures keystrokes and steals personally identifiable information (PII) through phishing screens, then uses Firebase, HTTP, Websocket, and Telegram to exfiltrate data and establish remote device access.  Drawing inspiration from Ermac/Hook, Rocinante’s authors have incorporated elements from … Continue reading Rocinante Malware Lets Hackers Hijack Android Devices