Dodgy Android smartphones are being preloaded with Triada malware


- Kaspersky uncovers counterfeit Android smartphones preloaded with Triada malware
- The researchers speculate the supply chain might have been compromised
- More than $270,000 in crypto has already been stolen
Counterfeit versions of popular Android smartphones are being sold with malware pre-installed, experts have revealed.
Cybersecurity researchers Kaspersky have warned users about buying heavily discounted Android smartphones from shady online stores after it observed at least 2,600 victims, located mostly in Russia, who received their brand-new smartphones carrying the Triada Trojan.
“The new version of the malware is found in the firmware of infected Android devices,” reads the machine-translated announcement. “It is located in system framework, meaning a copy of Triada makes its way into every process on your smartphone.”
Targeting journalists
The malware was said to have a wide range of functionalities and can give the attacker “almost unlimited possibilities” for controlling the compromised devices.
Among other things, Triada can steal user accounts in messengers and social networks, stealthily send messages on behalf of the victim, steal cryptocurrencies, monitor the victim’s browser activities, replace links, swap numbers during calls, monitor and intercept SMS messages, download and run apps, and block network connections.
Dmitry Kalinin, cybersecurity expert at Kaspersky Lab, said Triada remains “one of the most sophisticated and dangerous threats to Android,” but added that the researchers don’t really know how the devices got infected.
“It’s possible that one of the stages in the supply chain is compromised,” he said, “so the stores selling the devices may not even suspect that they’re selling Triada-infected devices.”
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
These thousands of victims have already suffered hundreds of thousands of dollars in losses, the researchers concluded.
Kaspersky claims around $270,000 in cryptocurrency was already siphoned out, suggesting that the number could be even greater since some of the transactions were made in difficult-to-trace Monero.
The best way to avoid this risk is to only buy smartphones from authorized sellers. Alternatively, users could reflash their device using a clean system image from Google.
Via BleepingComputer
You might also like
Kaspersky uncovers counterfeit Android smartphones preloaded with Triada malware The researchers speculate the supply chain might have been compromised More than $270,000 in crypto has already been stolen Counterfeit versions of popular Android smartphones are being sold with malware pre-installed, experts have revealed. Cybersecurity researchers Kaspersky have warned users about…
Recent Posts
- Alienware’s 27-inch 280Hz QD-OLED monitor is now available for $550
- The 100+ best Prime Day deals under $100
- My favorite medical comedy-drama Scrubs is getting resuscitated on Hulu, but I hope it doesn’t undergo major surgery as part of its revival
- The best Prime Day deals on Verge-favorite 4K Blu-rays
- Kodak’s retro Super 8 camcorder is outrageously expensively, but I’ve found this super-cheap digital alternative
Archives
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022