Modifying the network traffic routing to pass through a proxy would allow an attacker to analyze the encrypted traffic if the attacker can install their own certificate authority on the device and trust it to intercept SSL/TLS communications. Since the mobile banking app employs certificate pinning, this would typically prevent the proxy from intercepting the traffic; however, combining it with a Frida script to hook into the application and bypass the pinning check can successfully enable the interception of network traffic. Frida is a dynamic code instrumentation toolkit that allows testers to change the behavior of apps at runtime.

Installing a rogue application version would be possible if the attacker could create one but does not directly solve the challenge of bypassing certificate pinning. Generating a new certificate pair does not bypass pinning, as the app is programmed to only trust a specific certificate. Cloning the server's actual certificate is not practical without access to the server's private key, and the application would still recognize it as non-pinned. Spoofing DNS records would not affect HTTPS traffic in this context, as certificate pinning is designed to resist this kind of attack.