Google warns 10M Android users against “BadBox” malware « Euro Weekly News

Google has warned over 10 million Android users to shut off their devices after a malicious “infection,” known as BadBox 2.0, was discovered. The malware is estimated to have affected over 10 million gadgets made in China, and may already have it downloaded by the time it is shipped out to the buyer.

BadBox works via installation onto a device, which hackers and cyber attackers can then use to “infect” the device and gain access to the sensitive information inside. The malware can also run advertising fraud on the device, and hold data for ransom via “ransomware” – asking the owner of the device to pay a fee to avoid having their data leaked.

The malware specifically targets Android users and has been found inside 24 apps on the Google Play Store, which when downloaded, also grants access to the cyber criminals. Efforts have already been made earlier this year, in March, to combat the malware, but experts say that devices such as televisions are still susceptible.

After obtaining the data, the cyber criminals are able to sell it online without the consumer’s knowledge.

Google bites back at BadBox

Google has filed a lawsuit in retribution for the malicious attacks. Said the tech giant of the attacks in their official statement, “​​The BadBox 2.0 botnet compromised over 10 million uncertified devices running Android’s open-source software (Android Open Source Project), which lacks Google’s security protections.” They continued, “Cyber criminals infected these devices with preinstalled malware and exploited them to conduct large-scale ad fraud and other digital crimes.”

Google’s lawsuit specifically targets ad fraud, which is done by three primary methods: hidden ad rendering, which is where hackers create fake apps that appear real and are installed on the compromised devices; web-based game sites, which launch invisible browsers that trigger Google ad views for profit to the hacker; and ad click fraud, which generate revenue for the hacker by performing searches of ads that use monetisation services such as AdSense.

According to reports, affected devices include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. Other tablets and digital projectors with unknown model numbers are also reportedly affected. In order to keep themselves safe from these cyber attacks in the future, experts warn consumers to avoid purchasing suspiciously cheap digital devices, and to ensure the Android devices they do purchase are Google Play Protect certified.