The Bank of Spain alerts a malware capable of “capturing bank credentials.” His name: Trickmo

The scams and fraud are the order of the day. The one that most and the least will have received a called with a synthetic voice offering easy money, An SMS with a fraudulent link or a mail supplanting identity of some service or company. According to the Ministry of Interior, only in 2023 426,744 computer scams were registered, 27% more than in 2022, and the thing does not seem to go less. Scams and malware are the order of the day and today is the turn of talking about Trickmo, protagonist of The last alert of the Bank of Spain.

Trickmo. That is the name that receives this peculiar malware. The Bank of Spain refers to him as “one of the last dangers detected”, but the truth is that It is not the first time that we hear about him. Trickmo is a Trojan with many variants, as explained by security companies such as Cleafy and Zimperiumand is able to record the screen, register single -use codes, grant permits and simulate the blocking or mobile pin.

The goal? Banking keys, of course. According to the Bank of Spain, this malware “infiltrates mobile devices through malicious applications that we download or fraudulent links.” In the case of installing it, “Trickmo can have access to our SMS, capture bank credentials and access our accounts without authorization.” In addition, the agency points the following:

“(…) There is a variant of Trickmo that” paints “a false interface that simulates the mobile screen, where it records the movements we draw on it to, in this way, obtain our pin or the unlocking pattern.”

False screens generated by Trickmo | Image: Zimperium

Affected. According to Zimperium’s analysis, the main countries affected by this malware are Canada, United Arab Emirates, Türkiye and Germany. For the map shared in the report, it seems that in Spain there have also been affected, but the percentage is minimal with respect to the four mentioned above.

How to avoid it? The Bank of Spain offers some basic tips, such as maintaining updated software, not downloading apps from external sources to offices, Activate two steps authentication and pay attention to attachments and files. With regard to banks, most likely they never send links by SMS. In the emails and URLs, however legitimate that they seem, it is best to check the sender and notice that the “or” are not zeros, for example. And before the doubt, always consult with the bank.

Cover image | Master1305

In Xataka | How to detect and eliminate malware with MSRT, the hidden Windows 10 and 11 tool