New Albiriox Android Malware Developed by Russian Cybercriminals

A new Android malware named Albiriox is being offered on cybercrime forums by Russian-speaking threat actors, according to online fraud management company Cleafy.

Albiriox is a banking trojan designed for on-device fraud (ODF), enabling attackers to take control of compromised mobile devices to carry out fraudulent transactions from the victim’s cryptocurrency or banking applications.

The malware appears to be under development. It includes remote access functionality that enables real-time control of the compromised Android device, a feature that seems fully operational.

Albiriox can also be used for overlay attacks, which involve displaying phishing pages on top of legitimate applications to trick users into handing over their banking and cryptocurrency credentials. This functionality was still under development when Cleafy researchers analyzed the malware.

Albiriox emerged in September, when its developers started recruiting users for an early version. The trojan has been offered under a malware-as-a-service (MaaS) model since October, at ...