Verticals Targeted: Financial, Cryptocurrency
Regions Targeted: Global
Related Families: Rokarolla
Beyond Banking Trojans: Rokarolla Expands the Android Fraud Playbook
Jun 26, 2026 2:32:36 PM / by The Hivemind posted in Threat Bulletin, Android Malware, Android banking trojan, mobile banking fraud, cryptocurrency malware, Rokarolla, banking malware, Android phishing overlays
Massiv Android Banking Trojan
Feb 23, 2026 2:39:35 PM / by The Hivemind posted in Threat Bulletin, device takeover, Android banking trojan, Android Overlay Attacks, IPTV masquerade, mobile banking fraud, remote control Android, Massiv malware, southern Europe threats
Verticals Targeted: Financial, Government
Regions Targeted: Southern Europe
Related Families: None
Executive Summary
Massiv represents an emerging Android banking Trojan family capable of overlay-based credential theft, keylogging, message interception, and full device takeover via remote control features, enabling fraudulent transactions and account manipulations. Distributed primarily through fake IPTV applications sideloaded outside official stores, it has facilitated confirmed fraud in southern Europe, particularly exploiting Portuguese government digital identity tools for bypassing security verifications.
Albiriox Android Malware
Dec 8, 2025 1:43:05 PM / by The Hivemind posted in Threat Bulletin, Emerging Threat, on-device fraud, overlay attacks, Android banking trojan, MaaS Malware, Mobile RAT, Android Overlay Attacks, Golden Crypt, Albiriox, Russian-speaking Threat Actors
Verticals Targeted: Financial, Cryptocurrency
Regions Targeted: Austria, Global
Related Families: None
RatOn Android Malware
Sep 19, 2025 2:18:19 PM / by The Hivemind posted in Threat Bulletin, overlay attacks, Accessibility Services abuse, RatOn, Android banking trojan, automated transfer system, cryptocurrency wallet takeover, mobile malware, NFSkate, NFC relay attack
Verticals Targeted: Financial
Regions Targeted: Czech Republic, Slovakia
Related Families: NFSkate