"TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud"

Researchers at Cleafy found a new variant of the Android banking trojan called "TrickMo" that can evade analysis and display fake login screens to steal victims' banking credentials. According to Cleafy, the new capabilities involve using malformed ZIP files together with JSONPacker. The application is installed via a dropper app with the same anti-analysis mechanisms. This article continues to discuss findings regarding the new variant of TrickMo.

THN reports "TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud"

Submitted by grigby1