Cheap Phones, Expensive Mistake: Hackers Sell Infected Android Devices to Steal Crypto

Snagged a bargain Android phone? You might have just bought a crypto-stealing machine.

Cybersecurity experts at Kaspersky Labs have uncovered a sophisticated scam where fake Android smartphones are sold preloaded with malware, designed to steal cryptocurrencies and sensitive user data.

💀 Trojan Horse “Triada” Hidden Deep in Device Firmware 🔹 Hackers are embedding the Triada malware directly into the firmware — even before the phones reach customers

🔹 Once activated, Triada can replace crypto wallet addresses, silently diverting funds

🔹 It also intercepts two-factor authentication, reads messages, and steals account information

“Triada gives attackers nearly full control over the infected device,” warns Dmitry Kalinin, cybersecurity specialist at Kaspersky.

💸 Over $270,000 Stolen — Likely More Blockchain analysis revealed that hackers have already transferred at least $270,000 worth of various cryptocurrencies.

The real figure may be even higher, especially since some of the funds were stolen in Monero (XMR) — a privacy coin known for being untraceable.

📉 2,600+ Infected Devices Found (and Counting) 🔹 Kaspersky has confirmed over 2,600 infected smartphones

🔹 Russia has the highest number of affected users

🔹 The malware has already spread to multiple countries

🛒 Retailers Often Unaware They're Selling Ticking Time Bombs Kalinin suspects that the infection occurs somewhere in the supply chain, not necessarily at the retail level:

“Retailers may not even realize they’re selling phones loaded with Triada.”

🦠 A Familiar Threat Returns Stronger The Triada Trojan has been around since 2016, traditionally spreading through: 🔹 Malicious downloads

🔹 Phishing campaigns

🔹 Popular apps like WhatsApp, Facebook, and Gmail

🛡️ How to Stay Safe Kaspersky Labs strongly advises: 🔹 Purchase devices only from trusted sellers

🔹 Install security software immediately after purchase

🔹 Never share your seed phrases or private keys unless you’re 100% sure you’re protected

🚨 Crypto Malware Is Evolving Fast Other cybersecurity firms are also raising alarms about new crypto-focused threats.

🔹 Threat Fabric recently identified malware that overlays fake UIs to phish seed phrases

🔹 Microsoft discovered a new remote access trojan (RAT) targeting crypto stored in 20+ browser wallet extensions

🧠 In crypto, what seems cheap can cost you everything.

#hackers , #StaySafe , #hacking , #CryptoSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies! Notice: ,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“