A versatile banking trojan targeting users in Latin America has been circulating in multiple countries. The malware ensures persistence on infected systems and has advanced capabilities such as planting backdoors, stealing bitcoins, and exfiltrating credentials. It can take screenshots, manipulate windows, simulate mouse and keyboard actions, restart the machine, restrict access to various banking websites, and update itself. Some variants of the trojan can also hijack cryptocurrency by replacing a Bitcoin wallet address in the clipboard, and can retrieve saved passwords from the Chrome web browser.
Source: https://www.bleepingcomputer.com/news/security/mekotio-banking-trojan-imitates-update-alerts-to-steal-bitcoin/