Blockchain Security: Counterfeit Android Phones Used to Steal Crypto Assets

Cybersecurity firm Kaspersky has recently uncovered a large-scale scheme involving counterfeit Android smartphones preloaded with malicious software right out of the box. These devices, often sold at suspiciously low prices through unofficial channels, are being used as tools to steal users’ private information and digital assets.

According to Kaspersky, the phones come infected with a modified version of the “Triada” Trojan — an advanced malware strain capable of deeply infiltrating the Android operating system. Once activated, Triada allows attackers to gain near-complete control over the device. This includes the ability to silently alter cryptocurrency wallet addresses during transactions, effectively redirecting funds to the attacker without the user’s knowledge.

The malware also includes sophisticated surveillance features. It can harvest login credentials, intercept SMS messages, and even bypass two-factor authentication (2FA), putting both personal data and digital assets at significant risk.

So far, over 2,600 infected devices have been confirmed globally, with users in several countries affected. Russia has seen the highest concentration of cases, especially during the first three months of 2025 — highlighting the rapid spread of this threat.

Qitmeer Network strongly advises consumers to stay vigilant and avoid purchasing smartphones from unofficial or unverified sources. To protect against such threats, users should install reputable security software immediately after setting up a new device and ensure their systems are regularly updated.

🦉Source: https://qitmeer.io/blogs/312