German cybersecurity watchdog warns of pre-installed malware on IoT devices linked to China
from thelucky8@beehaw.org to technology@beehaw.org on 14 Dec 14:53
https://beehaw.org/post/17565331

Archived (in German)

Germany’s Federal Office for Information Security (BSI) sinkholed internet traffic originating from Germany and going to the command and control servers of the BADBOX malware group, BSI writes on its website.

The malware was first detected in October 2023 by Human Security, a company specializing in detecting advertising fraud. The BADBOX group, which originates from China, assembled a botnet of over 280,000 systems by hiding its malware in malicious Android and iOS apps and inside the firmware of Android TV streaming boxes.

Human Security said the BADBOX group operated out of China and most likely had access to hardware supply chains where its members could deploy the malicious firmware on streaming boxes. BADBOX affects consumers from both the public and private sector.

The BSI says all German internet service providers with over 100,000 clients are now mandated by law to redirect BADBOX traffic to its sinkhole. A sinkhole is a server designed to capture malicious traffic and prevent control of infected devices by the criminals who infected them.

It is reportedly the first time the German BSI has sinkholed a malware operation on its own. Prior to that, the BSI did this as part of international efforts targeting cybercrime operations.


Hirom@beehaw.org on 14 Dec 21:22

They should force a recall.

B0rax@feddit.org on 14 Dec 21:37

A recall of cheap Android streaming boxes dropshipped from China? Ha!

Hirom@beehaw.org on 15 Dec 12:46

If not the Chinese manufacturer, then whoever is importing them.

B0rax@feddit.org on 15 Dec 12:53

You don’t understand. The end user is the importer. That’s the whole idea behind AliExpress, Temu and others. They don’t need to adhere to any local laws because the customer directly shops on the Chinese website.

Hirom@beehaw.org on 15 Dec 22:23

Temu sure wish they didn’t, but they do in fact need to adhere to local laws in jurisdictions where they’re doing business.

There already are complaints against Temu for noncompliance to EU regulation. For instance beuc.eu/…/BEUC-X-2024-046_Temu_Why_the_fast-growi…

It may be trickier to enforce law against Temu vs a more classic and direct seller of goods, so it may take more time, and it may become a game of whack a mole, but there will be some enforcement.

sculd@beehaw.org on 16 Dec 02:08

Yeah, those streaming boxes were always problematic. I used to have one years ago and detected suspicious traffic. Pulled it out immediately.