Security specialists have discovered a new variant of the TrickMo banking Trojan, which has compromised approximately 13,000 Android devices.
Zimperium, building on earlier research by Cleafy, indicates that the malware spreads primarily through phishing schemes and social engineering tactics, often disguising itself as genuine banking or utility applications.
This updated version of TrickMo poses a significant threat as it can hide its code from detection and capture device unlock patterns or PINs. Additionally, it has the ability to intercept login information, one-time passwords, access private files, grant permissions, record screens, and even remotely control devices.
These features contribute to its potential for serious threats, including identity theft.
Experts note that while TrickMo continues to function as a typical Android banking Trojan, the data it gathers could enable attackers to exploit victims on multiple fronts. This malware is linked to the TrickBot group, a criminal syndicate believed to operate out of Russia.
Zimperium’s research highlights that over 13,000 IP addresses have been affected, with victims predominantly found in Canada, the UAE, Turkey, and Germany, demonstrating the extensive impact of this malware campaign.
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on several individuals and entities tied to a Russian money laundering operation that utilized Tether (USDT) and other cryptocurrencies for illicit transactions.
A prominent cryptocurrency platform has suffered a major cyberattack, leading to a $50 million theft on October 16, 2024.
A Russian national linked to the now-defunct WEX cryptocurrency exchange has been arrested in Poland on charges related to fraud and money laundering.
Crypto sleuth Coffeezilla has pushed back against the spread of misinformation surrounding the recent memecoin launch by influencer Hailey Welch, also known as “Hawk Tuah.”