New Android malware Albiriox lets hackers steal money in real-time
A new Android malware called Albiriox is making waves on Russian cybercrime forums. Sold as a subscription service, it lets attackers remotely control your device and pull off banking fraud—no OTPs needed.
Recently discovered, it targets over 400 banking, fintech, and crypto apps by being distributed as fake apps that mimic legitimate ones.
How does it get on your phone?
Albiriox spreads through fake apps shared on messaging platforms and lookalike Play Store pages.
It tricks you into enabling "install unknown apps" by faking system update screens.
Once in, it uses accessibility features and live screen streaming to control your device—letting hackers bypass two-factor authentication.
Why should you care?
Albiriox's modular design, along with tools like Golden Crypt, helps it stay hidden.
It can cover its tracks with fake updates or black screens while draining your accounts.
With its recent arrival and ability to dodge OTPs, experts warn this malware is a serious threat for anyone using mobile banking or payment apps.