A new version of Triada spreads embedded in the firmware of Android devices

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

Kaspersky researchers have discovered a new version of the Triada Trojan being distributed through infected Android device firmware. The malware is embedded into system files before devices are sold, making it nearly impossible to remove. It infects the Zygote process to compromise all apps on the device. The Trojan's modular architecture allows attackers to deliver targeted payloads for stealing cryptocurrency, credentials, and other sensitive data from popular apps like WhatsApp, Facebook, and banking apps. It can also intercept SMS messages, make calls, and act as a reverse proxy. Over 4,500 infected devices have been detected worldwide, with the highest numbers in Russia, the UK, the Netherlands, Germany and Brazil. The attackers have stolen over $264,000 in cryptocurrency so far.

OPENCTI LABELS:

trojan,android,reverse proxy,credential theft,cryptocurrency,firmware,triada,sms interception


Open in the NetmanageIT OpenCTI public instance with the link below.


NOTE: Use the public read-only username and password shown on the login page banner.


A new version of Triada spreads embedded in the firmware of Android devices