FlagThis

References :

• malware.news: This story provides detailed insights into the new capabilities and targets of the TrickMo Android Banking Trojan.
• : This article offers a comprehensive analysis of the TrickMo malware samples and its new functionalities.
• attack.mitre.org: TrickMo, a banking Trojan targeting Android devices, has evolved to include new features that pose significant risks to both individuals and organizations. In addition to its core capabilities, which include intercepting OTPs, recording screens, exfiltrating data, and remotely controlling devices, the malware can now steal device unlock patterns and PINs. This allows attackers to access sensitive information, including banking credentials, and even operate on the locked device. The malware has been observed targeting users in Canada, the UAE, Turkey, and Germany, highlighting its global reach and potential for widespread damage.
• infosec.exchange: Zimperium's Aazim Yaswant looks into the TrickMo Android mobile banking trojan and shares aditional IOCs from 40 recent variants of this threat that show identical capabilities to those shared by Cleafy in September.
• securityonline.info: Aazim Yaswant, a Malware Analyst at Zimperium, has published a comprehensive analysis of the latest TrickMo samples, revealing alarming new capabilities in this banking trojan.
• gbhackers.com: The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further investigation, where researchers have identified 40 variants, 16 droppers, and 22 active Command and Control servers associated with this threat. These variants employ advanced techniques like zip file manipulation and obfuscation to evade detection. Despite the lack of IOC release, the ...

Classification:

• HashTags: #android #malware #bankingtrojan
• Company: Zimperium
• Target: Users in Canada, UAE, Turkey, Germany
• Product: Mobile Threat Defense
• Feature: On-Device Dynamic Detection En
• Malware: TrickMo
• Type: Malware
• Severity: Major