JAKARTA - global cybersecurity firm Kaspersky discovered a new version of the levy Trojan, mounted on a fake Android, which is allegedly sold through unauthorized traders.
Based on its findings, this Trojan Trojan installed in more than 2,600 users worldwide has been affected. Where Russia, Brazil, Kazakhstan, Germany, and Indonesia are the targets of the next attack.
Unlike regular mobile malware sent via malicious applications, this SEC variant is integrated into the system's framework, infiltrating every ongoing process.
The new version infiltrates the device at the firmware level even before reaching the user showing a supply chain compromise, Dmitry Kalinin, malware analyst at Kaspersky Threat Research said in an official statement.
When the Trojan is embedded in the system's firmware, the malware will operate undetected and provide the attacker with complete control over the infected device. This allows a wide variety of malicious activity, including:
SEE ALSO:
-
| TEKNOLOGI
Peluncuran Redmi Turbo 4 Pro Ditunda Usai Kecelakaan Maut Mobil Xiaomi SU7
08 April 2025, 05:05 -
| TEKNOLOGI
Modus Baru Fog Ransomware: Kini Ungkap Alamat IP Korban ke Dark Web
28 Maret 2025, 09:45
According to an open source analysis, attackers have disbursed at least USD 270,000 (IDR 4.47 billion) in stolen crypto assets into their wallets, although the actual amount may be higher, Kalinin added.
Kaspersky first detected this variant as Backdoor.AndroidOS.Triada.z in 2016. This latest campaign marks a worrying escalation, as attackers have the potential to exploit supply chain weaknesses to spread firmware-level malware on fake devices.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
