Technology

Kaspersky uncovers a sophisticated cyber threat to users of counterfeit smartphones

Published by
Web Desk

ISLAMABAD: Kaspersky has uncovered a new, sophisticated version of the Triada Trojan preinstalled on counterfeit Android smartphones allegedly sold through unauthorized retailers. Embedded in the system firmware, the malware operates undetected and grants attackers’ full control over infected devices. More than 2,600 users worldwide have been affected.

Unlike typical mobile malware delivered via malicious apps, this Triada variant is integrated into the system framework, infiltrating every running process. It enables a wide range of malicious activity, including stealing messaging and social media accounts, including Telegram, TikTok, Facebook, and Instagram. Sending and deleting messages in apps like WhatsApp and Telegram. Substituting cryptocurrency wallet addresses. Redirecting phone calls by spoofing caller IDs. Monitoring browser activity and injecting links. Intercepting, sending, and deleting SMS messages. Enabling premium SMS charges. Downloading and executing additional payloads and blocking network connections to potentially bypass anti-fraud systems.

“The Triada Trojan has evolved into one of the most advanced threats in the Android ecosystem,” said Dmitry Kalinin, malware analyst at Kaspersky Threat Research. “This new version infiltrates the device at the firmware level—before it even reaches the user—pointing to a supply chain compromise. According to the analysis of the open sources, attackers have already funneled at least $270,000 in stolen cryptocurrency to their wallets, though the actual total may be higher due to the use of untraceable coins like Monero.”

Kaspersky solutions detect this variant as Backdoor.AndroidOS.Triada.z.

First discovered in 2016, Triada has continually evolved, leveraging system-level privileges to execute fraud, hijack SMS authentication, and evade detection. This latest campaign marks a concerning escalation, as attackers potentially exploit supply chain flaws to deploy firmware-level malware on counterfeit devices.

Web Desk

Recent Posts

US-Iran tensions spark fears of fuel price hike in Pakistan

ISLAMABAD: Escalating tensions between the United States and Iran have once again unsettled global oil…

4 minutes ago

ICC Arbitration Puts Pakistan’s Energy Sector Under Pressure

ISLAMABAD: Pakistan's energy sector is headed for another high-stakes international commercial arbitration, with Petrosin CNG…

34 minutes ago

5-Year employees asked to submit documents

PESHAWAR: Documents have been sought from employees who have completed 5 years of service for…

1 hour ago

Hot, Humid weather to continue, Rain expected

ISLAMABAD: The Meteorological Department has predicted rain with thundershowers in various cities. According to the…

1 hour ago

Suzuki Cultus new prices revealed in Pakistan

ISLAMABAD: Pak Suzuki’s latest financing policy has released the prices of all Cultus variants, total…

2 hours ago

Farrukh Khokhar arrested after court hands down life sentence in Majid Satti murder case

RAWALPINDI: Farrukh Khokhar was arrested inside the courtroom on Monday after a Rawalpindi court sentenced…

3 hours ago