At the beginning of 2021, a new type of trojan called “Teabot” was found attacking users. The trojan was specifically designed to steal the victim’s bank credentials and SMS messages.
Other features of the trojan included Remote access capabilities and screen capturing via request-on-demand services. Threat actors have the ability to do account takeovers directly from compromised mobile devices. This technique is called “On-device fraud”.