According to ChainCatcher, citing Cointelegraph, the cybersecurity company Kaspersky Laboratory recently discovered a large number of counterfeit Android phones with pre-installed malware being sold online at low prices. These devices are infected with the Triada trojan, which can steal cryptocurrencies and other sensitive data.

According to Kaspersky expert Dmitry Kalinin, attackers have successfully transferred approximately $270,000 worth of various cryptocurrencies by replacing wallet addresses, with actual losses potentially being higher, as the attackers are also targeting the privacy coin Monero. Currently, 2,600 infection cases have been confirmed, primarily concentrated in Russia. The trojan can infiltrate firmware before the device reaches the user, intercept two-factor authentication SMS, and steal account information.

Kaspersky recommends that users only purchase devices from legitimate channels and immediately install security solutions after purchase.