A new Android malware family named Albiriox is promoted under a malware-as-a-service (MaaS) model to conduct on-device fraud and remote control activities, targeting banking and financial apps. Researchers also identified RadzaRat, a remote access trojan, and other malicious campaigns exploiting fake app stores and social engineering. #Albiriox #RadzaRat #BTMOB #GoldenCrypt
Key points
- Albiriox malware uses dropper applications and packing techniques to evade detection and facilitate fraud on mobile devices.
- The malware incorporates VNC-based remote control, leveraging accessibility services to bypass Android security protections.
- Targeted overlays and dynamic credential harvesting support on-device fraud, especially against banking and crypto apps.
- RadzaRat is a remote access tool disguised as a file manager, enabling extensive surveillance and data theft.
- Fake Google Play Store pages and social engineering are used to distribute malware like BTMOB and facilitate credential theft.
Read More: https://thehackernews.com/2025/12/new-albiriox-maas-malware-targets-400.html