Massive BADBOX Malware Operation Infects 192,000 Android Devices
Cybersecurity experts have uncovered a vast malware operation, dubbed BADBOX, infecting hundreds of thousands of Android devices worldwide. The malicious software, preinstalled on off-brand electronics, is used for various criminal activities. Over 192,000 devices are currently affected, with the number rising daily.
Bitsight TRACE discovered the BADBOX malware exploiting devices for residential proxying, remote code installation, account abuse, and ad fraud. The operation sells compromised Android TV boxes, smartphones, and other electronics through popular retailers like Amazon, eBay, and AliExpress. The devices are either tampered with in the supply chain or sold with the ability to 'find my device', which allows further remote module installation without permissions.
The backdoor, once activated, can download secondary payloads, allowing further remote module installation without permissions. Over 160,000 unique models have been infected, including a Yandex 4K QLED Smart TV and a T963 Hisense Smartphone. The manufacturer of the affected Yandex TVs remains unidentified. The top affected countries are Russia, China, India, Belarus, Brazil, and Ukraine.
BADBOX is a large-scale cybercriminal operation with a botnet now presumed to be larger than initially thought. With over 192,000 infected devices and counting, it underscores the importance of supply chain security and consumer awareness when purchasing off-brand electronics.