Kaspersky security experts have found a modified version of the Triada, a remote access trojan (RAT) that’s capable of stealing sensitive information stored on Android smartphones.
“More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky says in a report.
The Triada malware is embedded in the operating system’s framework, meaning it operates undetected and gives attackers control over every process on a smartphone.
It offers hackers unlimited possibilities, including collecting login credentials to social media accounts, intercepting and removing personal messages sent with WhatsApp and Telegram, stealing cryptocurrency, and downloading and running malicious programs on infected devices.
“Triada Trojan has been known for a long time, and it still remains one of the most complex and dangerous threats to Android,” says Dmitry Kalinin, a cybersecurity expert at Kaspersky.
The new version of Triada infects smartphones even before users are able to lay their hands on them.
“The supply chain is probably compromised, so stores might not even suspect that they are selling smartphones with Triada,” Kalinin continues.
The developers of trojan malware are actively monetizing their efforts. Analysis of financial transactions suggests that approximately $270,000 in cryptocurrency has been transferred to crypto wallets belonging to the threat actors. The amount stolen is likely a lot higher because the attackers were also focused on Monero, a cryptocurrency that cannot be tracked.
To protect yourself from this malware, Kaspersky recommends only buying smartphones from authorized distributors. The cybersecurity firm also encourages you to install antivirus software immediately after you’ve completed your purchase.
Your email address will not be published. Required fields are markedmarked