CLASSIFIED: EYES ONLY

TrickMo Android banker adopts TON blockchain for covert comms

TELEMETRY SUMMARY DECRYPTION

SITREP: A new variant of the TrickMo Android banking malware has been identified that uses The Open Network (TON) blockchain for covert command-and-control communications. This malware is currently being deployed in campaigns targeting users throughout Europe.

TACTICAL ASSESSMENT: The adoption of the TON blockchain for malware communications indicates an evolution in cybercriminal tactics, enhancing the operators' operational security and making detection by security controls more challenging. This development could lead to an increase in banking fraud incidents across Europe as the malware spreads.

PROJECTED VECTORS: Future campaigns may expand beyond Europe as the malware's capabilities are refined and its use of blockchain technology becomes more widespread.

SAT-COM 4
LAT: 45.192
LON: 34.021
UTC: 2026-05-11

Event Telemetry

STATUS IDENTIFIER: NORMAL TRAFFIC
ORIGIN DESK: CYBER
ACQUISITION TIME: 05/11 11:44 ZULU
AUTHOR: SYSTEM.AUTO[992]