> TritonInfoSec News
Home / May 12, 2026 / Story
0
#8 BleepingComputer general May 11, 2026 at 09:03 UTC

TrickMo Android banker adopts TON blockchain for covert comms

By Bill Toulas

AI Summary

A new TrickMo Android banking malware variant targeting users across Europe has been updated with new commands and now uses The Open Network (TON) blockchain as its command-and-control communication channel, making traffic significantly harder to block or trace via traditional network controls. TrickMo has historically been used for overlay attacks, SMS interception, and credential theft against mobile banking users. The adoption of blockchain-based C2 represents an evasion evolution that challenges conventional network-based detection approaches.

Read full article → https://www.bleepingcomputer.com/news/security/tri…

Relevance score: 79.0/100

# More from May 12

  1. 1
    Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation The Hacker News
  2. 2
    Google: Hackers used AI to develop zero-day exploit for web admin tool BleepingComputer
  3. 3
    Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak The Hacker News
  4. 4
    New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks SecurityWeek
  5. 5
    Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads The Hacker News
  6. 6
    cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor The Hacker News
  7. 7
    TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack The Hacker News
  8. 9
    UK water company allowed hackers to lurk undetected for nearly two years, regulator finds The Record
  9. 10
    Hackers abuse Google ads, Claude.ai chats to push Mac malware BleepingComputer