FlagThis

The BADBOX malware campaign has compromised over 30,000 Android devices in Germany, including digital photo frames, media players and possibly smartphones. The malware is pre-installed on the devices, exploiting outdated Android versions. The German Federal Office for Information Security (BSI) has taken action to disrupt the communications between infected devices and command-and-control servers. This campaign highlights the risks associated with insecure supply chains and pre-installed malware on IoT devices, and emphasizes the need for rigorous security checks and device updates to prevent similar incidents.

ImgSrc: www.bleepstatic.com

References:

• @BleepingComputer - Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. - 13d
• @cybernews - German authorities blocked 30,000 Android devices with pre-installed malware from connecting to BadBox botnet servers. - 13d
• Over Security - Germany cuts hacker access to 30,000 devices infected with BadBox malware - 13d
• Over Security - Germany sinkholes BadBox malware pre-loaded on Android devices - 13d
• Security Affairs - German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox - 13d
• CyberInsider - BSI Disrupts “BadBox” Malware Pre-Loaded on 30,000 Devices - 13d
• @screaminggoat - BSI (Germany): (German Language) The Federal Office for Information Security (BSI) sinkholed internet traffic originating from Germany and going to the command and control servers of the BADBOX malwar - 13d
• www.bsi.bund.de - BSI (Germany): (German Language) The Federal Office for Information Security (BSI) sinkholed internet traffic originating from Germany and going to the command and control servers of the BADBOX malwar - 12d
• @PCMag - In a disturbing find, a government agency in Germany has discovered that as many as 30,000 Android devices in the country contained preinstalled malware. - 12d
• PCMag.com - 30,000 Android devices found preinstalled with malware in Germany - 12d
• SOCRadar - BadBox Malware Compromises 30,000 Devices in Germany The German Federal Office for Information Security (BSI) has taken decisive action to stop the BadBox malware campaign, which affected over 30,000 - 12d
• The Hacker News - Germany's Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold acro - 12d

Classification:

• HashTags: BadBox Malware IoTsecurity
• Company: Multiple
• Target: Android IoT devices
• Product: Android IoT
• Feature: pre-installed malware
• Type: Malware
• Severity: Medium