BadBox, a type of pre-installed malware, has been detected on more than 30,000 internet-connected devices sold globally, as reported by Germany's Federal Office for Information Security (BSI).
BadBox, a type of pre-installed malware, has been detected on more than 30,000 internet-connected devices sold globally, as reported by Germany's Federal Office for Information Security (BSI). The malware presents serious cybersecurity risks to the compromised devices.
This dangerous malware, embedded in device firmware, allows hackers to access sensitive user information, install additional malicious programs, and gain full control of the compromised devices.
The malware primarily targets Android-based devices, including smartphones, tablets, and TV streaming devices, particularly low-cost models often sold via online platforms or resale markets.
To address this, the BSI encouraged users to be vigilant about updating their software, performing factory resets, and purchasing devices from reliable manufacturers to reduce the risk of infection. These devices are preloaded with malware called Triada, which allows hackers to remotely access the device, inject additional malicious code, and use the devices for illegal activities.
BSI reported that the infected devices, like digital picture frames and streaming boxes, can be misused to generate fake email and messaging accounts, spread false information, facilitate advertising fraud, and act as proxies for launching cyberattacks or distributing illegal content. These devices, once compromised, become instruments for cybercriminals, posing serious security threats.
German cybersecurity authorities explained that they used a technique known as sinkholing to redirect traffic from the infected devices to secure servers, effectively cutting off hacker’s access.
Additionally, the BSI highlighted that all major internet service providers in Germany, with over 100,000 customers, are now legally required to redirect BadBox traffic to the sinkhole.
While the BSI did not reveal the names of the manufacturers of the affected devices, they advised customers who received warnings to disconnect these devices from the internet or stop using them. However, they cautioned that older devices or those without up-to-date software continue to be at risk.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.