New Trinda Malware Targets Android Devices by Replacing Phone Numbers During Calls

Kaspersky Lab has uncovered a new version of the Triada Trojan, a sophisticated malware targeting Android devices.

This variant has been found pre-installed in the firmware of counterfeit smartphones mimicking popular models, often sold at discounted prices through unauthorized online stores.

The malware poses significant risks to users, with more than 2,600 cases reported globally, primarily in Russia.

The Trojan infiltrates the system framework of infected devices, embedding itself into every process on the smartphone.

This enables attackers to exert nearly unlimited control over the device.

The malware’s capabilities include stealing user accounts from messaging apps like Telegram and TikTok, intercepting and manipulating SMS messages, and replacing cryptocurrency wallet addresses to divert funds during transactions.

It can also monitor browser activity, redirect links, and replace phone numbers during calls to reroute communications to attackers’ desired contacts.

Supply Chain Compromise and Financial Impact

Experts believe the malware enters devices ...