Latest news with #Triada
Biz Bahrain
05-04-2025
- Biz Bahrain
Kaspersky uncovers advanced Triada trojan preinstalled on counterfeit smartphones
Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorized retailers. Embedded in the system firmware, the malware operates undetected and grants attackers' full control over infected devices. More than 2,600 users worldwide have been affected. Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including: ● Stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram. ● Sending and deleting messages in apps like WhatsApp and Telegram. ● Substituting cryptocurrency wallet addresses. ● Redirecting phone calls by spoofing caller IDs. ● Monitoring browser activity and injecting links. ● Intercepting, sending, and deleting SMS messages. ● Enabling premium SMS charges. ● Downloading and executing additional payloads. ● Blocking network connections to potentially bypass anti-fraud systems. 'The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem,' said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. 'This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funneled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero.' Kaspersky solutions detect this variant as First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices.
Tahawul Tech
04-04-2025
- Tahawul Tech
Kaspersky uncovers advanced Triada trojan preinstalled on counterfeit smartphones
Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorised retailers. Embedded in the system firmware, the malware operates undetected and grants attackers' full control over infected devices. More than 2,600 users worldwide have been affected. Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including: Stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram. Sending and deleting messages in apps like WhatsApp and Telegram. Substituting cryptocurrency wallet addresses. Redirecting phone calls by spoofing caller IDs. Monitoring browser activity and injecting links. Intercepting, sending, and deleting SMS messages. Enabling premium SMS charges. Downloading and executing additional payloads. Blocking network connections to potentially bypass anti-fraud systems. 'The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem', said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. 'This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funnelled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero'. Kaspersky solutions detect this variant as First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices. Image Credit: Kaspersky
Zawya
03-04-2025
- Zawya
Kaspersky uncovers advanced Triada trojan preinstalled on counterfeit smartphones
Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorized retailers. Embedded in the system firmware, the malware operates undetected and grants attackers' full control over infected devices. More than 2,600 users worldwide have been affected. Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including: Stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram. Sending and deleting messages in apps like WhatsApp and Telegram. Substituting cryptocurrency wallet addresses. Redirecting phone calls by spoofing caller IDs. Monitoring browser activity and injecting links. Intercepting, sending, and deleting SMS messages. Enabling premium SMS charges. Downloading and executing additional payloads. Blocking network connections to potentially bypass anti-fraud systems. 'The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem,' said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. 'This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funneled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero.' Kaspersky solutions detect this variant as First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices. About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at
