Germany’s Federal Office for Information Security (BSI) sinkholed internet traffic originating from Germany and going to the command and control servers of the BADBOX malware group, BSI writes on its website.
The malware was first detected in October 2023 by Human Security, a company specializing in the detection of advertising fraud. The BADBOX group, which originates from China, assembled a botnet of over 280,000 systems by hiding its malware in malicious Android and iOS apps and inside the firmware of Android TV streaming boxes.
Human Security said the BADBOX group operated out of China and most likely had access to hardware supply chains where its members could deploy the malicious firmware on streaming boxes. BADBOX affects consumers from both the public and private sector.
The BSI says all German internet service providers with over 100,000 clients are now mandated by law to redirect BADBOX traffic to its sinkhole. A sinkhole is a server designed to capture malicious traffic and prevent control of infected devices by the criminals who infected them.
It is reportedly the first time the German BSI has sinkholed a malware operation on its own. Previously, the BSI had done so as part of international efforts targeting cybercrime operations.
- Hirom ( @Hirom@beehaw.org ) 5•12 days ago
They should force a recall.
- B0rax ( @B0rax@feddit.org ) 5•12 days ago
A recall of cheap Android streaming boxes dropshipped from China? Ha!
- Hirom ( @Hirom@beehaw.org ) 1•11 days ago
If not the Chinese manufacturer, then whoever is importing them.
- B0rax ( @B0rax@feddit.org ) 5•11 days ago
You don’t understand. The end user is the importer. That’s the whole idea behind AliExpress, Temu and others. They don’t need to adhere to any local laws because the customer directly shops on the Chinese website.
- Hirom ( @Hirom@beehaw.org ) 5•10 days ago
Temu sure wishes they didn’t, but they do in fact need to adhere to local laws in jurisdictions where they’re doing business.
There already are complaints against Temu for noncompliance with EU regulation. For instance https://www.beuc.eu/sites/default/files/publications/BEUC-X-2024-046_Temu_Why_the_fast-growing_online_marketplace_fails_to_comply_with_the_DSA.pdf
It may be trickier to enforce law against Temu vs a more classic and direct seller of goods, so it may take more time, and it may become a game of whack a mole, but there will be some enforcement.
- sculd ( @sculd@beehaw.org ) 1•11 days ago
Yeah, those streaming boxes were always problematic. I used to have one years ago and detected suspicious traffic. Pulled it out immediately.