<ul><li>Cheap Chinese Android phones are being shipped with trojanized WhatsApp and Telegram clones designed to steal cryptocurrencies through address swapping.</li><li>The campaign targets low-end phones resembling well-known models and embeds malware in pre-installed apps.</li><li>Attackers spoof device specifications to make phones appear as Android 14 with better hardware, fooling users and apps.</li><li>The malware, dubbed Shibai, uses hidden modules to hijack updates, replace crypto wallet addresses, and exfiltrate chat data.</li></ul>

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Discover more