1. Forum
  2. tqwNet
  3. TQW GENTECH

  • This devious Android malware has returned disguised as TikTok or

    From TechnologyDaily@1337:1/100 to All on Tuesday, May 12, 2026 19:30:28
    This devious Android malware has returned disguised as TikTok or streaming apps and is now using blockchain to remain undetected

    Date:
    Tue, 12 May 2026 18:20:00 +0000

    Description:
    A fake TikTok app is actually a banking trojan enabling credential theft and wire fraud.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter ThreatFabric spotted new TrickMo.C variant targeting Android users in Europe Disguised as TikTok/streaming apps, it steals credentials, intercepts SMS, suppresses
    OTPs, and enables live surveillance Victims are mostly situated in France, Italy and Austria Android users across Europe are being targeted with a new variant of a decade-old banking trojan, researchers have revealed.

    ThreatFabric has explained how it has been tracking a banking trojan called TrickMo.C, since January 2026. TrickMo is an Android banking trojan that was first spotted in September 2019, but since then has been in active development, constantly receiving upgrades and new features. By 2024, there were more than 40 TrickMo variants in existence, being delivered through more than a dozen droppers, and communicating with 22 separate command-and-control (C2) infrastructures. Latest Videos From You may like Android Trojans use a devious trick and 'magically' disappear once installed Dangerous Massiv Android malware poses as IPTV app to infect devices and steal banking info SparkCat malware returns to target Android and iOS users, hiding in innocent apps to try and steal your details Extracting secrets from the French, Italians, and Austrians This latest version is being disguised as TikTok and streaming apps. The exact deployment mechanism is unknown, but its safe to assume the crooks are advertising it on third-party app repositories, on Telegram and social media channels, as well as through phishing and SEO poisoning.

    When installed on the target device, TrickMo.C creates a phishing overlay through which it can harvest login credentials and other valuable secrets. It can also log keys, taps, and strokes, record the screen, livestream the contents directly to the attackers, and intercept SMS messages. It can suppress OTP notifications, modify the users clipboard, filter notifications, and send screenshots.

    All of this allows the attackers to steal credentials, log into peoples bank accounts and crypto wallets, make payments and wire transfers, while keeping the victims entirely in the dark. The victims are mostly located in France, Italy, and Austria, it was said.

    What makes TrickMo.C stand out compared to previous versions is that it communicates with its operator via TON, a decentralized peer-to-peer network originally developed around the Telegram ecosystem. Instead of using publicly exposed servers, users communicate with the web through an encrypted overlay network. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    The operators use ADNL addresses routed through an embedded local TON proxy that runs on the infected endpoint. The best antivirus for all budgets Our
    top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-devious-android-malware-has-return ed-disguised-as-tiktok-or-streaming-apps-and-is-now-using-blockchain-to-remain -undetected


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)