How TrickMo Works: The Banking Virus That Also Steals Your Mobile PIN and Unlock Pattern
In a cyberattack, we need to understand that the primary goal of scammers is to get hold of our personal and banking data. To achieve this, they often use techniques such as tricking us into filling out a fake form with all this information, pretending to be a legitimate entity like the tax office or the traffic department.
For their scam to work, it is crucial that the victim willingly provides this information. However, as technology evolves, so do the tools available to cybercriminals, becoming more effective and sophisticated.
Now, as identified by security firms Cleafy and Zimperium, a new variant of the banking Trojan known as TrickMo has been discovered. This updated version has expanded its capabilities, allowing cybercriminals to access and control a mobile device even when it's locked, by stealing the device's PIN or unlock pattern.
Originally, TrickMo was designed to gain unauthorized access to victims' bank accounts and financial transactions to steal money. It could record the screen, intercept one-time passwords (OTPs), and automatically grant permissions for pop-up notifications.
The Trojan has multiple versions, and this latest one has introduced new features that point to gaining control of the mobile device even when it’s locked. Specifically, some versions have been found to steal the device's PIN or unlock pattern by displaying a fake interface that mimics the phone's lock screen. Unknowingly, the victim enters their unlock information, which is then transmitted to the cybercriminals.
Zimperium's analysis revealed that most victims are located in Canada, the United Arab Emirates, Turkey, and Germany. Although TrickMo primarily targets banking credentials, it also aims to access corporate resources such as VPNs.
https://myboothaifree.myikas.com/
https://fourever-you-ep3-hd.webflow.io/
https://familybychoice-ep3-thaidub.webflow.io/
https://unlockyourlove-ep6-hd.webflow.io/