Latest news with #DmitryKalinin


Biz Bahrain
05-04-2025
Kaspersky uncovers advanced Triada trojan preinstalled on counterfeit smartphones
Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorized retailers. Embedded in the system firmware, the malware operates undetected and grants attackers full control over infected devices. More than 2,600 users worldwide have been affected.

Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including:

- Stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram.
- Sending and deleting messages in apps like WhatsApp and Telegram.
- Substituting cryptocurrency wallet addresses.
- Redirecting phone calls by spoofing caller IDs.
- Monitoring browser activity and injecting links.
- Intercepting, sending, and deleting SMS messages.
- Enabling premium SMS charges.
- Downloading and executing additional payloads.
- Blocking network connections to potentially bypass anti-fraud systems.

'The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem,' said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. 'This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funneled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero.'

Kaspersky solutions detect this variant as

First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices.


Tahawul Tech
04-04-2025
Kaspersky uncovers advanced Triada trojan preinstalled on counterfeit smartphones
Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorised retailers. Embedded in the system firmware, the malware operates undetected and grants attackers full control over infected devices. More than 2,600 users worldwide have been affected.

Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including:

- Stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram.
- Sending and deleting messages in apps like WhatsApp and Telegram.
- Substituting cryptocurrency wallet addresses.
- Redirecting phone calls by spoofing caller IDs.
- Monitoring browser activity and injecting links.
- Intercepting, sending, and deleting SMS messages.
- Enabling premium SMS charges.
- Downloading and executing additional payloads.
- Blocking network connections to potentially bypass anti-fraud systems.

'The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem', said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. 'This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funnelled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero'.

Kaspersky solutions detect this variant as

First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices.


Zawya
03-04-2025
Kaspersky uncovers advanced Triada trojan preinstalled on counterfeit smartphones
Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorized retailers. Embedded in the system firmware, the malware operates undetected and grants attackers full control over infected devices. More than 2,600 users worldwide have been affected.

Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including:

- Stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram.
- Sending and deleting messages in apps like WhatsApp and Telegram.
- Substituting cryptocurrency wallet addresses.
- Redirecting phone calls by spoofing caller IDs.
- Monitoring browser activity and injecting links.
- Intercepting, sending, and deleting SMS messages.
- Enabling premium SMS charges.
- Downloading and executing additional payloads.
- Blocking network connections to potentially bypass anti-fraud systems.

'The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem,' said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. 'This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funneled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero.'

Kaspersky solutions detect this variant as

First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices.

Yahoo
06-02-2025
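Kaspersky: Malware that scans screenshots to recognize private text has made its way into the App Store and Google Play
Kaspersky recently discovered several pieces of malware in the Apple App Store and Google Play store that scan screenshots to recognize private text. According to researchers Dmitry Kalinin and Sergey Puzan, this attack, named "SparkCat", has shown signs of activity since March 2024. The affected apps request seemingly harmless permissions and then use OCR (optical character recognition) technology to scan the user's image gallery, looking for sensitive information such as crypto wallet recovery phrases.

In its report, Kaspersky mentioned apps including the food delivery app ComeCome, the AI chat tool AnyGPT, and WeTink; by its count, the malware has been downloaded more than 242,000 times from the Play store alone. "This is the first time OCR-based malware has appeared in Apple's official app store," Kaspersky wrote. "We cannot determine whether this is the result of a supply chain attack or deliberate action by the developers. Some of the apps (such as food delivery services) appear legitimate, while others were clearly built to lure victims."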