New Android Malware Directly Drains Bank Accounts – and is Available for Rent
A new Android trojan, dubbed Albiriox, is directly draining funds from users’ banking apps, bypassing traditional credential-stealing methods. Discovered by researchers at online fraud prevention firm Cleafy, the malware is being distributed through deceptive apps and is now available to hackers via a subscription service on dark web forums.
Unlike some banking malware that focuses on stealing usernames and passwords, Albiriox allows attackers to directly initiate transactions within a user’s banking application. Cleafy reports that over 400 fake apps targeting banking, fintech, digital payments, and cryptocurrency users have already been identified.
The malware spreads through “dummy” or infected APK files disguised as legitimate applications. Hackers are employing several tactics to trick users, including creating fake replicas of Google Play Store app listings and distributing malicious APKs via enticing promotions and offers through messaging apps like WhatsApp and Telegram. Researchers note that these tactics have primarily originated from hackers in Russia and neighboring regions.
The initial apks focus on gaining the “install unknown apps” permission on the victim’s device. Once granted, this allows the installation of the Albiriox-containing application.
“as the malware operates silently and more behind the scenes,you should be mindful of any unusual apps that you install,especially when they seem related to banking or any other financial service,” advises security experts.
To protect against Albiriox, users should:
* Only download apps from the official Google Play Store.
* Ensure Play Protect is up-to-date.
* Keep your device’s firmware updated to benefit from the latest security patches. Google recently released the Android Security Bulletin for December.
You can find more information about Albiriox from Cleafy: https://www.cleafy.com/cleafy-labs/albiriox-rat-mobile-malware-targeting-global-finance-and-crypto-wallets and Android Authority: https://www.androidauthority.com/android-banking-malware-albiriox-3622063/
