This devious Android malware has returned disguised as TikTok or streaming apps and now uses blockchain to go unnoticed.

• ThreatFabric detected a new TrickMo.C variant targeting Android users in Europe
• Disguised as streaming apps/TikTok, it steals credentials, intercepts SMS, suppresses OTP and enables live surveillance.
• The victims are mainly in France, Italy and Austria.

Android users across Europe are being attacked with a new variant of a banking Trojan that has been around for a decade, researchers have revealed.

ThreatFabric has explained how it has been tracking a banking Trojan called TrickMo.C since January 2026.