The sale of malware-infected devices through major retailers exposes a significant monetization method employed by cyber-criminals. The scheme, known as BADBOX, involves the sale of backdoored off-brand mobile and CTV Android devices originating from China. These infected devices can steal personal information and carry out fraudulent activities. The operation is deceptive and dangerous because it is difficult for users to detect the compromise. #Malware #Cybercrime #Retailers #BADBOX
A collaboration between Human Security, Google, and Apple disrupted the ad fraud operation called PEACHPIT, which was hidden within BADBOX. This operation defrauded the advertising industry using methods such as hidden ads and malvertising. The collaboration aimed to protect the advertising industry and raise the cost for cyber-criminals. #AdFraud #PEACHPIT #Cybersecurity #Collaboration
Human Security's research team observed more than 74,000 infected Android-based devices, including mobile phones, tablets, and CTV boxes. Even after a factory reset, the BADBOX-infected devices remain compromised. The ability of BADBOX to infiltrate trusted e-commerce platforms and retailers makes it particularly dangerous. #AndroidDevices #SecurityCompromise #FactoryReset
The Triada malware is used as a backdoor on these devices, connecting them to a command-and-control server on first boot. This gives the cyber-criminals persistent access to and control of the devices. #TriadaMalware #BackdoorAccess
The sale of malware-infected devices poses a significant threat to users' privacy and security. Users are advised to be cautious when purchasing off-brand devices, especially from untrusted sources. Regularly updating device software and using reliable security measures can help mitigate the risk of infection. #PrivacyThreat #SecurityRisk #DeviceSafety
https://www.infosecurity-magazine.com/news/malware-infected-devices-retailers/