► In brief
- BadBox is malware spotted in Germany
- It infects connected objects
- Few solutions exist at the moment
Maximum alert if you have a connected home: the BSI, for Bundesamt für Sicherheit in der Informationstechnik, or Federal Office for Information Technology Security, has just indicated that it has detected a massive infection of Android devices by the BadBox malware . Primarily designed to generate fraud and disinformation campaigns, the malware seems to be spreading at full speed within Germany and, more broadly, in Europe.
Infected frames and drives
According to information provided by the BSI, BadBox has infected more than 30,000 Android devices in Germany, of all types: digital photo frames, media players, connected objects and, by rebound effect, certain smartphones and tablets. According to initial reports, the malware would be pre-installed on targeted devices; once connected to the Internet, it launches malicious operations on the affected device.
Disinformation and fraud are on the agenda
So what happens when the malware gains access to the Internet? It's very simple: from this moment, BadBox deploys its scripts to grant access to the email account connected to the infected object. From there, it can carry out several types of malicious actions:
- Dissemination of false information by email and messaging
- Sending scam advertising emails
- Advertising served in the background of the infected device
- Opening backdoors to expand the possibilities of malicious actions
How to protect yourself from BadBox?
So, faced with this phenomenon, how can you ensure the security of your devices against BadBox? First of all, you should not count on a secure update: Google indicates that the devices concerned are not integrated into the Play Protect program, and generally have obsolete Android versions. Then, only one action is really effective in putting an end to the malicious actions of BadBox: cutting the link with the network.
Thus, the BSI indicates that the only immediate solution remains to disconnect the affected device from the Internet, in order to at least block possible interactions and isolate the malware. If, for the moment, BadBox has only been reported by the German authorities, keep in mind that it is potentially already operating in the rest of Europe.