Security researchers have identified “Albiriox,” a sophisticated new Android malware family being sold as Malware-as-a-Service (MaaS). The malware grants attackers full remote control over infected devices, including screen recording, keylogging, and bypassing banking 2FA mechanisms.
Business Impact
The MaaS model lowers the barrier to entry, meaning sophisticated mobile attacks are becoming cheaper and more widespread. Corporate BYOD fleets are at high risk; an infected employee device can be used to steal MFA tokens, access corporate email, and authorize fraudulent financial transactions.
Why It Happened
Albiriox exploits Android Accessibility Services (a common but dangerous permission) to automate interactions on the screen. It is typically distributed via malicious apps sideloaded from third-party stores or disguised as legitimate utilities.
Recommended Executive Action
Enforce strict Mobile Application Management (MAM) policies that block the installation of apps from unknown sources. deploying mobile threat defense (MTD) agents that can detect abuse of Accessibility Services on managed devices.
Hashtags: #Android #Malware #Albiriox #MobileSecurity #MaaS #BankingTrojan #CyberCrime #InfoSec