Hot topics

Malicious Code Found in Bargain Phones: Protect Your Data!

smartphone hand
© nimito / shutterstock.com

Read in other languages:

A cheap smartphone offer can seem extremely tempting at first glance. But anyone who falls for such bargains risks high costs afterwards. Security researchers warn that behind this is hidden malicious code that is already installed on some devices as standard.

When shopping online, buying well below the usual market price when the opportunity arises is particularly tempting. But this decision can quickly backfire. This is because fake Android smartphones that are delivered with a pre-installed Trojan are currently appearing. These devices look like models from well-known brands, but can do much more than just make phone calls: they can spy on apps, read chats, take over accounts, manipulate payments, or even take out unwanted paid subscriptions. And all this without the need to introduce an additional virus - the malware "Triada" is already deeply embedded in the firmware of the devices when they are delivered.

Triada is Embedded in the System

The IT security service provider Kaspersky is warning us about a newer version of the Triada malware. The malicious code is presumably intended to reach counterfeit devices that can be found in online stores via manipulated components within the supply chain. Particularly insidious: Triada is already active when the smartphone is first switched on - hidden in the system partitions. This makes the Trojan almost impossible to remove without expert help.

Triada gains comprehensive access rights to all running apps, and specific modules have been specially created with popular applications in mind. One example: In WhatsApp, a module collects data every five minutes and sends it to an external C2 server. Meanwhile, another module ensures that the Trojan can independently send, receive, or delete messages.

But that's not all. The malware can also read incoming SMS messages and even respond to them. In this way, those affected are registered unnoticed for paid services. As many tools use SMS for two-factor authentication, there is also a risk that other online accounts will be taken over, even if they are not linked to the infected smartphone.

Crypto and Banking Users are Particularly at Risk

Anyone who owns cryptocurrencies must be particularly vigilant. This is because the malware searches the clipboard for wallet addresses and replaces them with an address controlled by the attacker. Payments can thus be secretly redirected. According to the German Federal Office for Information Security (BSI), Triada can also manipulate other financial transactions. In addition, the Trojan can download and install malware from the Internet on its own. A detailed list of all known functions of the Triada malware can be found in Kaspersky's full report.

Smartphone Users Must Be Careful

It is safest to buy smartphones exclusively from official and authorized dealers. This significantly reduces the risk of catching a manipulated device. A virus scanner can also help detect Triada's presence under certain circumstances. It is also advisable to pay attention to any unusual behavior of your own device. For example, if advertising pages suddenly appear unexpectedly while surfing because URLs have been redirected, this can be an indication of malware.

If an infection is suspected, the device should no longer be used for sensitive activities such as online banking or other financial transactions. Kaspersky also advises logging out of chat apps and social networks and changing all passwords. A complete clean-up of the system requires the firmware to be overwritten, a step that can only be taken with the appropriate technical knowledge. If you are unfamiliar with this, you should contact the manufacturer or a specialist.

Best Smart Speaker With Amazon Alexa 

  Editor's choice Best smart home control center Best price-performance ratio Best sound Best sound supplement Best display
Product
Product image Amazon Echo Dot (5. Gen) 2022 Product Image Amazon Echo Hub Product Image Amazon Echo (4.Gen) Product Image Amazon Echo Studio Product Image Amazon Echo Sub Product Image Amazon Echo Show 10 (3rd. Gen) Product Image
Review
Review: Amazon Echo Dot (5. Gen) 2022
Review: Amazon Echo Hub
Not yet tested
Review: Amazon Echo Studio
Not yet tested
Not yet tested
Price Compariosn
Go to comment (0)
Artem Sandler

Artem Sandler
Editor

Artem is interested in all kinds of technological marvels — from electric cars to smartphones and smart rings. That's why he studied technical journalism and innovation communication. He is also interested in niche topics like cybercrime and data security. He was no doubt disturbed at the dystopian future after watching sci-fi films before, but after studying, he realized that truth is stranger than fiction.

To the author profile
Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
No comments
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing