Rising Threat: Android Devices Shipped with Preinstalled Malware

October 10, 2023
Jamie Davidson
3 Min Read
October 10, 2023
android malware lyons teaser vjofeo

In a recent revelation, a significant number of Android devices, particularly streaming boxes, have been found to be shipped with preinstalled malware. This alarming discovery has raised concerns about the security of devices right out of the box.

Key Highlights:

  • T95 and similar knockoff streaming boxes are the primary culprits.
  • Two main trojans identified: BadBox and PeachPit.
  • BadBox has affected over 74,000 Android devices globally.
  • The malware operates through firmware backdoors installed via the regular hardware supply chain.
  • PeachPit serves ads for low-quality apps that further infect devices.
  • The cybercriminal operation, named BadBox by Human Security, is intricate and has a global reach.

The Depth of the Issue:

The issue came to light when it was discovered that if you’ve purchased a T95 or a similar knockoff streaming box running Android, there’s a high likelihood that your unit was shipped with preinstalled malware. But this isn’t just any malware. The devices are potentially infected with two different trojans: BadBox and PeachPit. Both are highly malicious and have been causing havoc in the digital realm.

BadBox, in particular, has spread its tentacles far and wide, affecting over 74,000 Android devices across the world. It isn’t just another malware but a complex interconnected series of fraud schemes. At its core, BadBox is a collection of firmware backdoors installed through the regular hardware supply chain. Once these devices are activated and connected to a network, they instantly link to a command-and-control server, receiving further malicious instructions.

PeachPit, on the other hand, is the ad fraud component of BadBox. It immediately starts serving ads for low-quality apps. When unsuspecting users install these apps, their devices get infected with more malicious code.

The Global Spread:

The cybercriminal operation, dubbed “BadBox” by Human Security, is not just sophisticated but has a global footprint. The malware doesn’t limit itself to the T95 devices. It has spread to other set-top boxes, including T95Z, T95Max, X88, Q9, X12Plus, and MXQ Pro 5G. Additionally, an Android tablet named J5W has also been affected.

These T95 and knockoff boxes, often priced below $50, are tempting for many users. Their affordability, combined with the lack of branding or various names under which they are sold, makes them prevalent in online retail spaces.

Protecting Yourself:

The solution might seem straightforward: avoid buying knockoff set-top boxes or devices. However, the real challenge lies in identifying these knockoffs, especially when shopping online. It’s crucial to research the brand or device name before making a purchase. If there’s a lack of information or if the available information doesn’t vouch for the brand’s legitimacy, it’s best to steer clear.

Another protective measure is to avoid clicking on ads, especially those with typos, unfamiliar brand names, or offers that seem too good to be true. Google has taken steps by removing the malicious apps from the Google Play Store, but the BadBox vulnerability remains a threat. The best defense is to be cautious about purchasing hardware and installing only essential apps.

Summary:

The discovery of preinstalled malware on Android devices, especially streaming boxes, has raised significant security concerns. With trojans like BadBox and PeachPit in play, the threat is real and global. While protective measures are available, the onus is on users to be vigilant and make informed choices to safeguard their devices.

FacebookXWhatsAppReddit

About the author

View All Posts
Jamie

Jamie Davidson

Jamie is the Senior Rumors Analyst at PC-Tablet.com, with over 5 years of experience in tech journalism. He holds a postgraduate degree in Biotechnology, blending his scientific expertise with a deep passion for technology. Jamie plays a key role in managing the office staff writers, ensuring they stay informed with the latest technological developments and industry rumors. Known for his quiet nature, he is also an avid Chess player. Jamie’s analytical skills and dedication to following tech trends make him an essential contributor to the team, helping to maintain the site’s reputation for timely and accurate reporting.

Web Stories

5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget
5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget
5 Best Laptop of 2024
5 Best Laptop of 2024
5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More!
5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More!
6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager
6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager
5 Best Lightweight Laptops for High School and College Students
5 Best Lightweight Laptops for High School and College Students
5 Best Bluetooth Speaker in 2024
5 Best Bluetooth Speaker in 2024
6 Best Android Phones Under $100 in 2024
6 Best Android Phones Under $100 in 2024
6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio
6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio
Best Macbook Air Deals on 13 & 15-inch Models Start from $149
Best Macbook Air Deals on 13 & 15-inch Models Start from $149
View all stories
5 Best Projectors in 2024: Top Long Throw and Laser Projectors for Every Budget 5 Best Laptop of 2024 5 Best Gaming Phones in Sept 2024: Motorola Edge Plus, iPhone 15 Pro Max & More! 6 Best Football Games of all time: from Pro Evolution Soccer to Football Manager 5 Best Lightweight Laptops for High School and College Students 5 Best Bluetooth Speaker in 2024 6 Best Android Phones Under $100 in 2024 6 Best Wireless Earbuds for 2024: Find Your Perfect Pair for Crystal-Clear Audio Best Macbook Air Deals on 13 & 15-inch Models Start from $149