Ethical Hacking News
New Triada Trojan variant discovered preinstalled on thousands of Android devices, stealing data upon setup, as Kaspersky researchers uncover the extent of the malicious scheme behind this sophisticated cyber threat.
Thousands of Android devices have been infected with the Triada Trojan malware, which was preinstalled on counterfeit smartphones. The malware provides attackers with almost unlimited control over the device, allowing them to steal accounts, send messages, and monitor browsing. The operators of the new variant have monetized it, transferring approximately $270,000 in cryptocurrencies to their wallets. Experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android to protect against malware.
In recent days, Kaspersky researchers have made headlines by revealing a new variant of the Triada Trojan malware that has been preinstalled on thousands of Android devices. This sophisticated cyber threat has garnered significant attention from cybersecurity experts, who are now sounding the alarm about its potential impact.
According to reports from Kaspersky, the new Triada variant was discovered in counterfeit Android devices that mimicked popular smartphone models. The researchers speculate that the threat actors behind this variant have compromised the supply chain, so stores are unlikely to suspect that they are selling smartphones infected with the malware.
The malware is embedded in the system framework of infected Android devices, so a copy of Triada gets into every process on the smartphone. This gives attackers almost unlimited control over the device, allowing them to steal accounts, send messages, steal cryptocurrency, monitor browsing, intercept SMS, and more.
What is particularly concerning about this new variant is its monetization strategy. According to Dmitry Kalinin, a cybersecurity expert at Kaspersky Lab, "the authors of the new version of Triada are actively monetizing their efforts." The researchers analyzed transactions and found that the attackers were able to transfer approximately $270,000 in various cryptocurrencies to their crypto wallets.
This revelation highlights the significant financial implications of this cyber threat. In addition to the monetary losses suffered by individuals and businesses, the exploitation of sensitive data could have far-reaching consequences for national security and global stability.
To protect against malware like Triada, experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android immediately.
In recent years, the Triada Trojan has been a subject of interest among cybersecurity researchers. When researchers at Kaspersky Lab first spotted it in 2016, it was considered the most advanced mobile threat seen to that date. Designed specifically to carry out financial fraud, typically by hijacking financial SMS transactions, Triada has a modular architecture that in theory gives it a wide range of capabilities.
One of the most interesting characteristics of Triada is its use of Zygote, the parent process from which Android application processes are forked, to inject its code into the context of all software on the device. This means that the threat is able to run inside each application, making it particularly difficult to detect and remove.
The only way to remove the threat is to wipe the smartphone and reinstall the OS. In a previous incident, researchers at Dr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231 banking malware.
In conclusion, the new Triada Trojan variant discovered preinstalled on thousands of Android devices has significant implications for individual users, businesses, and national security. As experts sound the alarm about this sophisticated cyber threat, it is essential to take proactive measures to protect against malware like Triada and stay informed about emerging threats in the ever-evolving landscape of cybersecurity.
Related Information:
https://www.ethicalhackingnews.com/articles/The-New-Triada-Trojan-Variant-A-Sophisticated-Android-Malware-with-a-Trail-of-Data-Theft-and-Exploitation-ehn.shtml
https://securityaffairs.com/176143/malware/new-triada-comes-preinstalled-on-android-devices.html
https://www.bleepingcomputer.com/news/security/counterfeit-android-devices-found-preloaded-with-triada-malware/
Published: Thu Apr 3 01:25:22 2025 by llama3.2 3B Q4_K_M