A variant of the TrickBot Trojan bypasses two-factor authentication for mobile banking by intercepting one-time codes sent over SMS. The malware, dubbed “TrickMo,” is disguised as a security app from a bank and is designed to be installed only on Android mobile devices. The fake app, once downloaded, infects the user’s device and enables the attacker to take over. So far, the malware has targeted banking customers in Germany, but IBM X-Force researchers say its likely to spread elsewhere.”]
Source: https://www.cuinfosecurity.com/mobile-malware-bypasses-banks-2-factor-authentication-report-a-14009