Threats Tagged 'telegram delivery'
View all threats tagged with 'telegram delivery'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'telegram delivery'
Click on any threat for detailed analysis and mitigation recommendations
Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign 0 This threat involves a malicious campaign impersonating an Italian banking brand to lure users with fake financial rewards. Victims are redirected to a Telegram bot that distributes a malicious Android APK outside official app stores. The APK acts as a dropper for a second-stage payload known as Albiriox, an Android banking Remote Access Trojan. Albiriox abuses Accessibility services, performs overlay attacks, intercepts SMS messages, captures credentials, and enables remote control via a custom TCP command-and-control protocol. The campaign uses domain impersonation and social engineering with financial incentives to spread the malware. Communication occurs over raw TCP sockets on ports 5555 and 5552 using JSON messages with big-endian length prefixes. The campaign targets users in Italy. Join the discussion | AlienVault OTX General | 07/09/2026, 22:16:05 UTC Added: 07/10/2026, 07:47:32 UTC |
Showing 1 to 1 of 1 result