Albiriox Exposed: A New RAT Mobile Malware Targeting Global Finance and Crypto Wallets
WHITE PetrP.73 2025-12-05 Modified: 2026-01-04
19 IOCs
MEDIUM VOLUME
Albiriox is a newly identified family of Android malware emerging as a Malware-as-a-Service (MaaS) that targets global financial and cryptocurrency sectors. Managed by Russian-speaking threat actors, Albiriox shows active development and a sophisticated two-stage deployment strategy designed to evade detection. The initial delivery mechanism involves dropper applications disguised as legitimate software, utilizing social engineering tactics, including the creation of fake Google Play pages.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Albiriox
Indicators of Compromise (1 / 19 total)
TYPE | INDICATOR | DESCRIPTION | CREATED
hostname | play.google-get.store | | 2025-12-05