Endpoint/Device Security, Malware, Security Staff Acquisition & Development

Tens of thousands of Android devices compromised by BadBox operation


Click for more special coverage

More than 70,000 low-cost Android smartphones, tablets, and connected TV devices from one or more Chinese manufacturers have been compromised by the Badbox cybercriminal operation with the Triada malware prior to being sold to consumers, reports SecurityWeek.


Some of the Triada-laced devices were present across U.S. public school networks, a report from Human Security revealed. Infection with Triada enabled the deployment of the PeachPit ad fraud scheme, which depended on up to 121,000 Android and 159,000 iOS devices, as well as 39 apps, to facilitate the sale of victim networks and the establishment of malicious WhatsApp and Gmail accounts.

While PeachPit was dismantled by Human Security and BadBox command-and-control servers have since been taken down, organizations have been urged to remain vigilant amid the potential threat posed by the operation.

"The threat actors behind BadBox could develop entirely new schemes and deploy them on BadBox-infected devices without any interaction from the devices' owners," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.