Cyber Security News

BADBOX Botnet Surges: Over 190,000 Android Devices Infected, Including LED TVs

The BADBOX botnet, a sophisticated malware operation targeting Android-based devices, has now infected over 192,000 systems globally.

Originally confined to low-cost and off-brand devices, the malware has expanded its reach to include well-known brands such as Yandex 4K QLED TVs and Hisense smartphones.

This alarming development highlights the growing risks of supply chain vulnerabilities in consumer electronics.

BADBOX malware is embedded directly into the firmware of affected devices, meaning that users unbox products already compromised.

Once connected to the internet, these devices immediately establish communication with command-and-control (C2) servers operated by cybercriminals.

The malware’s capabilities include turning infected devices into residential proxies, conducting ad fraud, stealing two-factor authentication codes, and installing additional malicious payloads.

Such activities not only compromise user security but also enable attackers to exploit the devices for broader cybercrime operations.

Supply Chain Compromise at the Core

Researchers believe BADBOX’s infiltration stems from supply chain attacks during manufacturing or distribution.

The malware is thought to be derived from the Triada family of Android malware, known for its stealthy backdoor operations.

Devices infected with BADBOX are sold through popular online retailers, making it nearly impossible for consumers to detect the threat before purchase.

A recent sinkhole operation by cybersecurity researchers revealed over 160,000 unique IPs attempting to connect to a single BADBOX C2 server within 24 hours.

This underscores the botnet’s rapid growth and widespread impact across countries such as Russia, China, India, Brazil, Belarus, and Ukraine.

Implications and Response

According to the Censys report, BADBOX’s ability to infect trusted brands raises serious concerns about supply chain integrity and device security.

The malware operates at a firmware level, making it nearly impossible for users to remove without replacing the entire firmware a task beyond most consumers’ capabilities.

German authorities recently disrupted part of the botnet by sinkholing one of its C2 servers, severing communication for approximately 30,000 devices in the country.

Experts recommend immediate action for affected users: disconnect compromised devices from networks and replace them if possible.

Manufacturers are urged to strengthen their supply chain security measures to prevent future incidents.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Hackers Exploit Windows Remote Management to Evade Detection in AD Networks

A new wave of cyberattacks is targeting Active Directory (AD) environments by abusing Windows Remote…

11 minutes ago

Researchers Uncover Remote Code Execution Flaw in macOS – CVE-2024-44236

Security researchers Nikolai Skliarenko and Yazhi Wang of Trend Micro’s Research Team have disclosed critical…

45 minutes ago

Apache ActiveMQ Vulnerability Allows Attackers to Induce DoS Condition

Critical vulnerability in Apache ActiveMQ (CVE-2024-XXXX) exposes brokers to denial-of-service (DoS) attacks by allowing malicious…

48 minutes ago

Kaspersky Alerts on AI-Driven Slopsquatting as Emerging Supply Chain Threat

Cybersecurity researchers at Kaspersky have identified a new supply chain vulnerability emerging from the widespread…

49 minutes ago

UK Government to Shift Away from Passwords in New Security Move

UK government has unveiled plans to implement passkey technology across its digital services later this…

51 minutes ago

Europol Dismantles DDoS-for-Hire Network and Arrests Four Administrators

Significant blow to cybercriminal infrastructure, Europol has coordinated an international operation resulting in the arrest…

59 minutes ago