Technology lovers and TV Box enthusiasts are being confronted by a silent and hidden threat. Security researchers reveal the extent of a virus network, which has already infected more than 74,000 Android devices worldwide.
Called BADBOX, this malware network focused its attention on entertainment-oriented devices, such as the popular TV Boxes.
see more
Ministry of Education evaluates whether THESE higher education courses can be…
Hole in the ozone layer grows exponentially and is now three times…
What is even more alarming is that the malware was factory loaded on the devices, especially on devices from Chinese manufacturers.
The contamination occurred through malicious applications, which opened advertisements in a hidden way, generating clicks and engagement without the user noticing.
While criminals accumulated financial gains, device owners were unaware of the presence of harmful software on their TV Boxes.
The BADBOX malware campaign managed to reach a vast reach, covering at least 227 countries, including Brazil.
This was in part due to the low cost of set-top boxes and the availability of these items at major global retailers.
Some of the most popular among those infected in Brazil included models such as T95, T95Z, T95MAX, X88, Q9, X12PLUS and MXQ Pro 5G.
(Image: Shutterstock/Reproduction)
Among BADBOX's main threats was a malware known as Triada, which has been active since 2016 and is capable of infecting all components of a device. Android.
Such malware allowed the download of modules focused on scams involving advertisements, displayed imperceptibly to the user.
Another pest, called Peachpit, generated a massive ad overload, with more than four trillion requests per day through 39 contaminated applications.
Although harmful software was found for iOS, the scope of the malware campaign on Apple's platform was considerably smaller due to operating system restrictions.
Although BADBOX's main focus was ad fraud, the malware responsible for the infection had additional capabilities, such as installing new viruses by criminals.
Furthermore, contaminated devices could be used in spam dissemination campaigns, creating fake accounts in email and messaging services, or even data theft, all without the knowledge of the user.
At the time Human Security released the information, the servers responsible for Peachpit were no longer active, which could indicate the end of the wave of attacks or the reconfiguration of the campaign in malware for future actions.
To combat this danger, researchers contacted device manufacturers, informing them about the presence of malware in their products.
An unnamed company released updates that prevented the malicious apps from working on all of its devices, and some of the contaminated apps also received fixes.
In today's connected world, the discovery of the BADBOX network serves as a reminder that digital security is a constant concern, no matter how harmless devices may seem.
As researchers and manufacturers work to protect consumers, it is crucial that users also remain vigilant and aware of the security of their devices. entertainment.