The number of malicious programs found on fake Android devices is increasing in Russia. Attackers infect smartphones during flashing and then sell them, including online. This was announced by Mikhail Gerber, Director of the Consumer Business Department at Kaspersky Lab, during SPIEF-2025.
I will tell you about one case specific to Russia, which we observed in connection with the growth in the volume of Android devices that are sold in our country, including on online platforms and online stores. We are seeing an increase in the amount of malware that is found in the firmware of the phone itself. The user is already buying an infected smartphone, apparently a fake one... Such threats are especially technically complex.
Malicious software allows attackers to obtain data from accounts in messengers and social networks, change numbers during calls and send messages, as well as steal cryptocurrency. At the same time, the victim cannot detect these actions.
To prevent such situations, the expert advises purchasing phones from trusted brands and at official points of sale.
Earlier in Russia, the first cases of using SuperCard malware were discovered. This is a modified version of the NFCGate program, which intercepts bank card data. Attackers are actively testing it on clients of Russian banks after successful attacks in Europe, especially in Italy.
Read more on the topic:
Malware is slipped in with useful programs: Russians warned about fake KeePass
Hackers break into smart devices in homes and make them "work" for them
Unicorn spy virus attacks Russian developers and suppliers of electronic components