Germany's Federal Office of Information Security (BSI) announced the disruption of the BADBOX malware operation, affecting at least 30,000 internet-connected devices with pre-installed malware.
The BSI stated that the infected devices, including digital picture frames and media players, commonly have outdated Android versions and were shipped with pre-installed malware.
HUMAN's Satori team described BADBOX as a 'complex threat actor scheme,' deploying Triada Android malware on low-cost devices by exploiting weak supply chain links.
The operation is linked to an ad fraud botnet called PEACHPIT, designed to spoof popular apps and sell fake impressions through programmatic advertising.
Collection
[
|
...
]