Android PINs exfiltrated by newly emergent TrickMo malware variants




BleepingComputer reports that Android PINs have been targeted for exfiltration by some of the 40 newly discovered TrickMo Android banking trojan variants, which have one-time password interception, data and credential theft, screen recording, accessibility service exploitation, and automated permission granting capabilities.

The novel TrickMo variants use fake unlock screens to capture Android users’ unlock patterns or PINs, a Zimperium analysis showed. “When the user enters their unlock pattern or PIN, the page transmits the captured PIN or pattern details, along with a unique device identifier (the Android ID) to a PHP script,” said Zimperium.

Additional findings revealed that TrickMo has already compromised at least 13,000 individuals around the world, most of whom were in Canada, although the total number of victims could still be underestimated. “Our analysis revealed that the IP list file is regularly updated whenever the malware successfully exfiltrates credentials. We discovered millions of records within these files, indicating the extensive number of compromised devices and the substantial amount of sensitive data accessed by the Threat Actor,” Zimperium added.



