Android smartphones sold online at discounted prices are being shipped with hidden malware that can steal crypto and personal data, according to an April 1 report from the cybersecurity firm Kaspersky.
The malware, known as Triada, allows attackers to access nearly everything on the phone. It can read text messages, gather login details, and change cryptocurrency wallet addresses during transactions. This lets the attackers quietly move funds to their own accounts without the user noticing.
Kaspersky found that around $270,000 of digital assets had already been moved to wallets linked to the attackers. However, this number may be higher, especially since they also targeted Monero
Did you know?
Subscribe – We publish new crypto explainer videos every week!
What is a DAO in Crypto? (Animated Explanation)
What makes the threat harder to detect is that the malware is installed before the phone ever reaches the buyer. Some sellers may be unaware that the devices they offer are already compromised. Kaspersky’s experts believe that somewhere along the supply chain—perhaps during production or shipment—the phones are being tampered with.
Over 2,600 infections have been confirmed, mostly in Russia, and all reported within the first three months of 2025. Triada, which has been around since 2016, was initially used to target financial apps and messaging platforms like WhatsApp and Gmail, which often spread through fake apps or misleading links.
According to Dmitry Kalinin from Kaspersky, Triada remains one of the most serious threats to Android users, as it gives attackers ongoing access without the victim realizing it.
On March 28, ThreatFabric, a cybersecurity company, discovered an Android malware called Crocodilus. How does this malware work? Read the full story.
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
