- Kaspersky discovers counterfeit Android smartphones preloaded with Triada malware
- Researchers speculate that the supply chain could have been compromised
- More than $270,000 in crypto has already been stolen
Counterfeit versions of popular Android smartphones are being sold with pre-installed malware, experts have revealed.
Kaspersky cybersecurity researchers have warned users against buying heavily discounted Android smartphones from shady online sellers, after at least 2,600 victims, located mainly in Russia, received new smartphones that carried the Triada Trojan.
“The new version of the malware is found in the firmware of the infected Android devices,” reads the machine-translated statement. “It is in the system framework, which means that a copy of Triada makes its way into every process on the smartphone.”
Aimed at journalists
The malware is said to have a wide range of functionality and can give the attacker “almost unlimited possibilities” to control the compromised devices.
Among other things, Triada can steal user accounts in messengers and social networks, stealthily send messages on behalf of the victim, steal cryptocurrencies, monitor the victim’s browser activity, replace links, swap phone numbers during calls, monitor and intercept SMS messages, download and run applications, and block network connections.
Dmitry Kalinin, a cybersecurity expert at Kaspersky Lab, said Triada remains “one of the most sophisticated and dangerous threats for Android”, but added that the researchers do not actually know how the devices were infected.
“It is possible that one of the stages in the supply chain is compromised,” he said, “so the stores that sell the devices do not even suspect that they are selling devices infected with Triada.”
These thousands of victims have already suffered hundreds of thousands of dollars in losses, the researchers concluded.
Kaspersky states that around $270,000 in cryptocurrencies has already been diverted, adding that the number could be even greater since some of the transactions were made in Monero, which is difficult to trace.
The best way to avoid this risk is to buy smartphones only from authorized vendors. Alternatively, users could reflash their device using a clean Google system image.
Via BleepingComputer