Summary: Cheap Android smartphones from Chinese manufacturers have been found pre-loaded with trojanized apps, including counterfeit versions of WhatsApp and Telegram, that enable cryptocurrency theft. The malicious software, referred to as Shibai, is designed to intercept and manipulate cryptocurrency transactions, while also harvesting sensitive data and images. This security breach highlights a sophisticated supply chain attack targeting low-cost devices, leading to financial losses for consumers.
Affected: Chinese smartphone manufacturers and their users
Keypoints :
- Trojanized apps pre-installed on low-end smartphones are designed to steal cryptocurrency.
- The malware disguises itself as popular applications and hijacks the app update process to manipulate wallet addresses.
- The campaign is linked to over .6 million in fraudulent transactions, utilizing a complex network of command-and-control servers.
Source: https://thehackernews.com/2025/04/chinese-android-phones-shipped-with.html