Application security, Endpoint/Device Security, Malware

Total Android device hijacking sought by novel Albiriox malware

Powered by Android operating system OS software logo icon on a smartphone tablet mobile phone device display screen macro, extreme closeup detail, nobody Android apps

Newly emergent Albiriox malware-as-a-service believed to have been managed by Russian-speaking threat actors has been targeting mobile banking and cryptocurrency apps, as well as facilitating total Android device takeovers, GBHackers News reports.

Attacks involving Albiriox commence with SMS messages with links redirecting to fraudulent websites masquerading as the Google Play Store and other legitimate services where an app could be downloaded, according to Cleafy researchers. Downloading the fake apps installs a dropper for Albiriox, which displays a bogus system update screen to enable the "Install Unknown Apps" permission and eventually allow device hijacking.

Aside from leveraging a VNC-based remote access tool to allow real-time device control and monitoring, Albiriox also harnesses overlay attacks to exfiltrate credentials from more than 400 financial apps, including banks, digital wallets, cryptocurrency exchanges, and payment processors, worldwide. Avoiding compromise with Albiriox necessitates the implementation of two-factor authentication and up-to-date security software.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds