Cybersecurity researchers have discovered a new variant of the TrickMo Android malware that uses The Open Network as a command and control system and leverages SOCKS5 proxies to turn infected devices into network pivots. This advanced capability allows attackers to route malicious traffic through compromised Android phones, effectively using them as stepping stones to breach corporate networks and evade detection. The discovery highlights the growing sophistication of mobile malware in enabling broader network attacks beyond just stealing data from individual devices.