黑客正在使用Triada Trojan惡意軟件預加載Android手機來竊取加密貨幣

想像一下：以折扣價購買全新的Android手機，但後來發現黑客從一開始就一直在監視您。

Imagine this: purchasing a brand new Android phone at a discount, only to find out later that hackers have been monitoring you from the beginning. That is precisely what is happening with thousands of individuals who accidentally bought counterfeit Android smartphones with a lethal malware known as the Triada Trojan.

想像一下：以折扣價購買全新的Android手機，但後來發現黑客從一開始就一直在監視您。這正是成千上萬的人，他們意外購買了用致命的惡意軟件（稱為Triada Trojan）購買的偽造偽造智能手機。

Cybersecurity company Kaspersky recently discovered that the phones, which were also being sold online at discounted rates, come pre-installed with this malware that grants hackers full control over the phone.

網絡安全公司卡巴斯基（Kaspersky）最近發現，這些手機也以折扣價在線銷售，並已預裝在此惡意軟件上，該惡意軟件使黑客完全控制了手機。

How This Malware Steals Your Money and Data

該惡意軟件如何竊取您的金錢和數據

According to Dmitry Kalinin, a cybersecurity expert at Kaspersky, the Triada Trojan allows hackers to do pretty much anything they want with an infected phone. The most dangerous trick it pulls? Stealing cryptocurrency. When users try to send crypto, the malware silently changes wallet addresses, directing funds straight into the hackers’ pockets.

根據卡巴斯基（Kaspersky）的網絡安全專家Dmitry Kalinin的說法，Triada Trojan允許黑客使用受感染的手機做他們想要的幾乎所有事情。它拉的最危險的把戲？竊取加密貨幣。當用戶嘗試發送加密貨幣時，惡意軟件會默默地更改錢包地址，直接將資金直接引導到黑客的口袋中。

Kaspersky researchers found that at least $270,000 worth of crypto has already been stolen, but the actual amount could be much higher. The attackers also target Monero (XMR), a privacy-focused cryptocurrency that’s difficult to trace.

卡巴斯基的研究人員發現，至少價值270,000美元的加密貨幣已經被盜，但實際數量可能更高。攻擊者還針對Monero（XMR），這是一種以隱私為中心的加密貨幣。

The Scary Part: The Malware Is Already on the Phone When You Buy It

可怕的部分：購買時，惡意軟件已經在電話上

This isn’t just any virus you pick up from a bad website or a shady app—it’s already installed on the phone before you even open the box. Kaspersky believes that the malware gets embedded somewhere in the supply chain, meaning even some online sellers may have no idea they are selling compromised devices. That means anyone buying these phones is at risk before they even turn the device on.

這不僅僅是您從糟糕的網站或陰暗應用程序中獲取的任何病毒 - 它甚至在打開盒子之前就已經安裝在電話上。卡巴斯基（Kaspersky）認為，惡意軟件被嵌入供應鏈中的某個地方，這意味著即使有些在線賣家也可能不知道他們正在出售折衷的設備。這意味著任何購買這些手機的人甚至在打開設備之前就處於危險之中。

Who’s at Risk and How to Stay Safe

誰有危險以及如何保持安全

So far, Kaspersky has identified 2,600 infected phones, with most cases showing up in Russia in the first three months of 2025. However, since the Triada Trojan has already present since 2016, it has the capability of showing up anywhere globally. This malware is specifically famous for affecting financial applications, including popular software like WhatsApp, Facebook, and Google Mail.

到目前為止，卡巴斯基已經確定了2,600張受感染的電話，大多數案件在2025年的頭三個月出現在俄羅斯。但是，由於Triada Trojan自2016年以來已經存在，因此它具有全球範圍內出現的能力。該惡意軟件以影響財務應用程序而聞名，包括WhatsApp，Facebook和Google Mail等流行軟件。

To stay safe:

保持安全：

Other New Malware Targeting Crypto Users

其他針對加密用戶的新惡意軟件

Unfortunately, Triada Trojan is not the only threat in the virtual space. Threat Fabric recently discovered another malware that dupes Android users into relinquishing their crypto seed phrases by presenting them with fake login screens. Meanwhile, Microsoft announced on March 18 the discovery of a new remote access trojan (RAT) designed to steal crypto wallets held within Google Chrome extensions.

不幸的是，Triada Trojan並不是虛擬空間中唯一的威脅。威脅面料最近發現了另一種惡意軟件，該惡意軟件通過向偽造的登錄屏幕展示，欺騙了Android用戶，以放棄其加密種子短語。同時，微軟於3月18日宣布，發現了一個新的遠程訪問特洛伊木馬（Rat），旨在竊取Google Chrome擴展中保存的加密錢包。

As cybercrooks grow more savvy, staying safe on the web is more important than ever. If you use cryptocurrency, take the extra step to protect your cash. Watch where you buy your phone, use security software, and be on the lookout for new scams. In today’s age, being informed is your best defense.

隨著網絡魯克人變得越來越精明，在網絡上保持安全比以往任何時候都更為重要。如果您使用加密貨幣，請採取額外的步驟來保護您的現金。觀看您購買手機，使用安全軟件的位置，並註意新騙局。在當今時代，被告知是您最好的防禦。