New TrickMo Variant Expands Mobile Device Takeover Capabilities

A newly identified TrickMo Android malware variant is targeting banking, fintech, cryptocurrency wallet, and authentication apps by abusing accessibility services and remote-control functions to capture credentials, intercept one‑time passcodes, and manipulate app sessions, enabling device takeover and bypass of multi-factor authentication; the campaign highlights a shift toward full-device compromise and the need for behavior-based detection, strict app controls, and continuous mobile threat monitoring.