APT / THREAT GROUP

Triada

2
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Triada is a remote access trojan (RAT) malware that is used to compromise Android devices in order to steal confidential and sensitive information such as credit card numbers, passwords, bank account information, etc. It also provides a backdoor for attackers to include the device as part of a botnet and perform other malicious activities.

Threat Analysis

Triada is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Intelligence Reports Mentioning Triada

IT threat evolution in Q1 2026. Mobile statistics
Securelist (Kaspersky)· May 18, 2026
Mobile malware evolution in 2025
Securelist (Kaspersky)· Mar 4, 2026

External References

Quick Facts

TypeAPT / Threat Group
Aliases2

Also Known As

Triadaapk.triada

External Intelligence

Malpedia: apk.triada

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
Triada — APT / Threat Group | Threat Intelligence | CTIWATCH.COM