The TrickBot gang is using a malicious Android application they developed to bypass two-factor authentication (2FA) protection used by various banks after stealing transaction authentication numbers. IBM X-Force researchers say the Android app dubbed TrickMo is actively being updated and it is currently being pushed via the infected desktops of German victims with the help of web injects in online banking sessions. The app will forward text messages containing mTANs sent by the victims’ banks to TrickBot’s operators who can later use them to make fraudulent transactions.
Source: https://www.bleepingcomputer.com/news/security/trickbot-bypasses-online-banking-2fa-protection-via-mobile-app/