Cybersecurity Firm Kaspersky said it discovered thousands of fake Android smartphones sold online with preinstalled malware designed to steal crypto and other sensitive data.
Android devices are sold at reduced prices, cybersecurity firm Kaspersky Labs Says In a statement of April 1, but riding a version of the Triada Trojan that affects each process and gives the attacks “almost unlimited control” to the device.
Dmitry Kalinin, a cybersecurity expert at Kaspersky Labs, said that once Trojan gives access to attacks on devices, they can steal crypto by changing Wallet addresses.
“Those with the new version of Triada actively activate their efforts; at the discretion by reviewing transactions, they were able to move about $ 270,000 to various cryptocurrencies to their crypto wallets,” he said.
“However, in reality, this amount may be greater; the attacks also target Monero, a cryptocurrency that is unreliable.”
Among the other Trojan’s capabilities include stealing user account information and blocking incoming and outgoing texts, including two-factor validation.
Trojan penetrates the smartphone firmware even before the phone reaches the users, and some online sellers may not even be aware of the Ticking time bomb on the deviceAccording to Kalinin.
“Perhaps, at one of the stages, the supply chain is compromised, so the stores may not be suspect that they are selling smartphones with triada,” he said.
At this stage, Kaspersky researchers said they found 2,600 confirmed infections through this scam in various countries, including most Russian users who encountered it in the first three months of 2025.
Android devices are sold at reduced prices but riding in malware. Source: Naked
Triada Malware was first -Surf in 2016 and is known for targeting financial applications and messaging apps such as WhatsApp, Facebook and Google Mail, According to In the cybersecurity firm Darktrace. This is usually delivered by malicious download and Phishing campaigns.
“The Triada Trojan has been known for a long time, and it still remains one of the most complicated and dangerous Android threats,” Kalinin said.
The best way to prevent the victim’s fall on this scam is to buy only devices from legitimate shares and install security solutions immediately after purchase, according to Kaspersky Labs.
Other companies have also raised alarms in new forms of malware that target crypto users.
Related: Interpreting Crypto, scam losses dropped to $ 28.8m in March after February Spike
Cybersecurity firm threat cloth said in a March 28 report It found a new Malware family that could launch a fake overlay to deceive Android users in providing their crypto seed phrases while the device was required.
On March 18, the tech giant Microsoft It said that a new remote access trojan was found (Rat) that targets the crypto held in 20 wallet extensions for the Google Chrome browser.
Magazine: Mystery Celeb Memecoin Scam Factory, HK Firm Dumps Bitcoin: Asia Express
