Triada Trojan Case

A modified version of what’s app messaging for android has been trojanized to serve malicious payloads, display fullscreen ads and sign up device owners for unwanted premium subscriptions. Modding is modified versions of legitimate apps and they are designed to perform functions not originally conceived or intended by app developers. The Triada trojan gathers unique device identifiers, which is sent to remote server that responds back with a link to a payload that’s downloaded and decrypted.