Expanding the Investigation: Deep Dive into Latest TrickMo Samples

· Published 15/10/2024 09:25 · Modified 15/10/2024 09:46

Essential information

Published: 15/10/2024 09:25
Modified: 15/10/2024 09:46
Tags: 2024-10-15 android banking trojan otp interception overlay attacks trickmo
Related entities: 94 observables, 1 malware, 3 others

Description

This report delves into the analysis of 40 recent variants of TrickMo, uncovering novel capabilities like stealing unlock patterns/PINs and geolocating victims. It examines the malware's advanced features, including credential theft, data exfiltration, and command-and-control mechanisms. The report also identifies the primary targets based on geolocated IP addresses and the most targeted application types, providing insights into the threat actor's operations.

External references