Kaspersky researchers have exposed a significant scam involving counterfeit Android smartphones that come preinstalled with malware aimed at stealing cryptocurrency and sensitive information. An estimated 2,600 infections have been confirmed across various countries, predominantly in Russia. These counterfeit devices are offered at significantly reduced prices, but are compromised by the Triada Trojan, which grants attackers extensive control over the devices. Dmitry Kalinin from Kaspersky noted that this version of Triada allows criminals to manipulate devices to intercept communications and steal user data, including two-factor authentication texts. The malware reportedly enabled attackers to transfer around $270,000 worth of cryptocurrencies, which may be higher due to their targeting of untraceable Monero. The Trojan's infiltration likely occurs within the supply chain, meaning even legitimate retailers may unknowingly sell these infected devices. To avoid such risks, Kaspersky advises purchasing smartphones solely from reputable distributors and installing security solutions immediately after acquisition.

Source 🔗