Researchers have uncovered a new Android banking trojan called Albiriox, distributed through fake or infected APKs that mimic real Google Play apps. Spread as a Malware-as-a-Service by threat actors in Russia and nearby regions, it tricks users into enabling “Install unknown apps,” then installs a hidden payload. Over 400 fake banking, fintech, and crypto apps have already been found.
Albiriox lets hackers remotely control devices via VNC, performing clicks, swipes and transactions while hiding activity behind blank screens or fake system updates. Users are urged to install apps only from Google Play, keep Play Protect enabled, and ensure their devices run the latest firmware updates.
Source: Android Authority
