Millions of low-cost devices for media streaming, entertainment in vehicles and video projection are infected with malware that transforms consumer networks into platforms to distribute malware, hide harmful communications and carry out other illicit activities, warned the FBI.
Malware infecting these devices, known as Badbox, is based on Triada, a malicious strain discovered In 2016 by Kaspersky Lab, who called him “one of the most advanced mobile horses” that analysts of the security company have ever encountered. He used an impressive tool kit, including rooting exploits that circumvented integrated safety protections in Android and functions to modify the all-powerful Zygote process of the Android OS. Google has finally updated Android to block the methods used by Triada to infect the devices.
The threat remains
A year later, Triada returned, only this time, the devices came pre-infected before they reach the hands of consumers. In 2019, Google confirmed that the supply of the supply chain had affected thousands of aircraft and that the company had again taken measures to thwart it.
In 2023, the safety company Human Security reported Bigbox, a stolen door derived from the triada which it found preinstalled on thousands of devices made in China. Malware, which estimated human security has been installed on 74,000 aircraft around the world, has facilitated a range of illicit activities, including advertising fraud, residential proximity services, the creation of false Gmail and Whatsapp accounts and infect other devices to the Internet.
