Android users, be careful about where your apps come from.

That's because there's a new and very sinister-sounding kind of malware going around on Google's mobile OS, according to the fraud prevention experts at Cleafy (per Android Authority). Called Albiriox, the malware has been known to infect users' devices, giving bad-faith actors full remote control over the device, at which point they drain the device owner's bank accounts without even needing a password.

Cleafy goes into the nitty-gritty technical details on how this all works, but a basic summary is that the malware is being hidden in fake (but real-looking) Google Play Store download pages for financial apps on external sites. If you hit the download button on one of these pages, which, again, are not actually in the Play Store

See Full Page