黑客正在使用Triada Trojan恶意软件预加载Android手机来窃取加密货币

想象一下：以折扣价购买全新的Android手机，但后来发现黑客从一开始就一直在监视您。

Imagine this: purchasing a brand new Android phone at a discount, only to find out later that hackers have been monitoring you from the beginning. That is precisely what is happening with thousands of individuals who accidentally bought counterfeit Android smartphones with a lethal malware known as the Triada Trojan.

想象一下：以折扣价购买全新的Android手机，但后来发现黑客从一开始就一直在监视您。这正是成千上万的人，他们意外购买了用致命的恶意软件（称为Triada Trojan）购买的伪造伪造智能手机。

Cybersecurity company Kaspersky recently discovered that the phones, which were also being sold online at discounted rates, come pre-installed with this malware that grants hackers full control over the phone.

网络安全公司卡巴斯基（Kaspersky）最近发现，这些手机也以折扣价在线销售，并已预装在此恶意软件上，该恶意软件使黑客完全控制了手机。

How This Malware Steals Your Money and Data

该恶意软件如何窃取您的金钱和数据

According to Dmitry Kalinin, a cybersecurity expert at Kaspersky, the Triada Trojan allows hackers to do pretty much anything they want with an infected phone. The most dangerous trick it pulls? Stealing cryptocurrency. When users try to send crypto, the malware silently changes wallet addresses, directing funds straight into the hackers’ pockets.

根据卡巴斯基（Kaspersky）的网络安全专家Dmitry Kalinin的说法，Triada Trojan允许黑客使用受感染的手机做他们想要的几乎所有事情。它拉的最危险的把戏？窃取加密货币。当用户尝试发送加密货币时，恶意软件会默默地更改钱包地址，直接将资金直接引导到黑客的口袋中。

Kaspersky researchers found that at least $270,000 worth of crypto has already been stolen, but the actual amount could be much higher. The attackers also target Monero (XMR), a privacy-focused cryptocurrency that’s difficult to trace.

卡巴斯基的研究人员发现，至少价值270,000美元的加密货币已经被盗，但实际数量可能更高。攻击者还针对Monero（XMR），这是一种以隐私为中心的加密货币。

The Scary Part: The Malware Is Already on the Phone When You Buy It

可怕的部分：购买时，恶意软件已经在电话上

This isn’t just any virus you pick up from a bad website or a shady app—it’s already installed on the phone before you even open the box. Kaspersky believes that the malware gets embedded somewhere in the supply chain, meaning even some online sellers may have no idea they are selling compromised devices. That means anyone buying these phones is at risk before they even turn the device on.

这不仅仅是您从糟糕的网站或阴暗应用程序中获取的任何病毒 - 它甚至在打开盒子之前就已经安装在电话上。卡巴斯基（Kaspersky）认为，恶意软件被嵌入供应链中的某个地方，这意味着即使有些在线卖家也可能不知道他们正在出售折衷的设备。这意味着任何购买这些手机的人甚至在打开设备之前就处于危险之中。

Who’s at Risk and How to Stay Safe

谁有危险以及如何保持安全

So far, Kaspersky has identified 2,600 infected phones, with most cases showing up in Russia in the first three months of 2025. However, since the Triada Trojan has already present since 2016, it has the capability of showing up anywhere globally. This malware is specifically famous for affecting financial applications, including popular software like WhatsApp, Facebook, and Google Mail.

到目前为止，卡巴斯基已经确定了2,600张受感染的电话，大多数案件在2025年的头三个月出现在俄罗斯。但是，由于Triada Trojan自2016年以来已经存在，因此它具有全球范围内出现的能力。该恶意软件以影响财务应用程序而闻名，包括WhatsApp，Facebook和Google Mail等流行软件。

To stay safe:

保持安全：

Other New Malware Targeting Crypto Users

其他针对加密用户的新恶意软件

Unfortunately, Triada Trojan is not the only threat in the virtual space. Threat Fabric recently discovered another malware that dupes Android users into relinquishing their crypto seed phrases by presenting them with fake login screens. Meanwhile, Microsoft announced on March 18 the discovery of a new remote access trojan (RAT) designed to steal crypto wallets held within Google Chrome extensions.

不幸的是，Triada Trojan并不是虚拟空间中唯一的威胁。威胁面料最近发现了另一种恶意软件，该恶意软件通过向伪造的登录屏幕展示，欺骗了Android用户，以放弃其加密种子短语。同时，微软于3月18日宣布，发现了一个新的远程访问特洛伊木马（Rat），旨在窃取Google Chrome扩展中保存的加密钱包。

As cybercrooks grow more savvy, staying safe on the web is more important than ever. If you use cryptocurrency, take the extra step to protect your cash. Watch where you buy your phone, use security software, and be on the lookout for new scams. In today’s age, being informed is your best defense.

随着网络鲁克人变得越来越精明，在网络上保持安全比以往任何时候都更为重要。如果您使用加密货币，请采取额外的步骤来保护您的现金。观看您购买手机，使用安全软件的位置，并注意新骗局。在当今时代，被告知是您最好的防御。