This Nasty Android Malware Is Picking Up Pace and Targeting Certain Devices

There’s plenty you can do to avoid downloading malware onto your device, but what if your phone came with a virus pre-installed? As weird as that may sound, it’s not as far-fetched as you may think, as law enforcers have spotted a rise in products that came with the BadBox malware installed on them.

BadBox Malware Is Making Its Way Onto Third-Party Devices

As announced by the German Federal Office of Information Security, authorities discovered that several IoT and Android devices were sold with BadBox pre-installed on them. These devices often came with outdated versions of Android, which allowed bad actors to exploit known flaws in the operating system during the production chain.

Because the bad actors slipped the malware in during the device’s production, BadBox is deeply rooted within the system’s files and cannot be removed by conventional means. So, what does BadBox do? Turns out, it can do an alarmingly large number of things:

BadBox is able to create accounts for email and messenger services without being noticed, which can then be used to spread fake news. BadBox can also carry out ad fraud by accessing websites in the background. The malware can also act as a residential proxy service. It makes the user’s internet connection available to unknown third parties, who can then use it for criminal activities (cyber attacks, distribution of illegal content). This can link the IP address of the affected person to criminal offenses. BadBox can also download additional malware.

The Federal Office of Information Security states that, ideally, the ISP will contact people who have purchased infected IoT botnet devices and warn them about their presence. As a consumer, it’s important that you pay the extra dollar to ensure your products come from reputable and well-known manufacturers. Going for the lesser-known alternatives may be cheaper, but it also opens the doors for malware developers to gain a foothold on your device, even long before you’ve bought it.