Almost every month, hackers find new ways to access users' financial details or steal their data. The latest in the line is a piece of malware that allows hackers to access your bank accounts without any OTP. According to fraud prevention firm Cleafy, the threat is named Albiriox, and it has been moving silently via fake apps and cloned Play Store listings. One of the most concerning parts is that it is being offered to cybercriminals as part of a subscription-style toolkit on different dark web platforms. The Cleafy team recently discovered Albiriox after noticing a pattern similar to previous threats. Hackers are passing off malicious APK files as standard applications, duping users into installing these apps manually. Furthermore, these APKs are shared through multiple sources like WhatsApp messages, Telegram messages, and fake app pages.
How Does the Albiriox Banking Malware Work?
As for how it works, hackers first push users to enable the 'install unknown apps' permission. After that, the installer quietly drops the Trojan in the background. Once the malware is activated, it doesn't focus on stealing passwords; instead, it directly interacts with digital payment, banking, and fintech apps. It does not spare crypto apps either. As per a report published by Android Authority, more than 400 fake apps have already been flagged by researchers. This could be dubbed one of the most sophisticated attacks on users until now, because the user is not prompted about anything until the money is gone from the account. Investigators related to the matter said that the Trojan is being circulated as Malware-as-a-Service, a model where hackers simply subscribe, download, and deploy the malware. This strategy has gained a lot of traction in Russia.
To stay safe, you need to keep a few things in check, like making sure you don't install apps from unverified sources, because that could be a clear invitation for hackers. Apart from that, keep the 'install unknown apps' permission disabled in the phone settings.