The Federal Office for Information Security (BSI) in Germany has taken decisive action against a wave of malware-infected digital picture frames and media players connected to the Internet.
Known as BadBox, this malware was discovered pre-installed on up to 30,000 devices in Germany, primarily due to outdated Android versions. The BSI has now intervened by blocking communication between these devices and the malware’s control servers.
Pre-installed Malware and Risks
The BadBox malware poses several significant threats to users. It can stealthily create accounts for email and messenger services, facilitating the spread of fake news.
Additionally, BadBox can execute ad fraud by secretly accessing websites in the background. Perhaps most concerning is its ability to function as a residential proxy, allowing unknown third parties to use the victim’s internet connection for cyberattacks and illegal activities, thereby risking the user’s IP address being linked to criminal offenses.
BadBox can also download further malware, amplifying its harmful potential. The BSI has implemented a sinkhole measure under Section 7c of the BSI Act (BSIG) in response to the threat. This involves redirecting the communication of compromised devices away from the attackers’ servers.
The measure currently impacts providers with over 100,000 customers, ensuring no immediate risk to users as long as the sinkholing remains active.
BSI President Claudia Plattner highlighted the widespread malware issue on outdated internet-enabled products.
“Outdated firmware versions pose a huge risk,” she warned, emphasizing the shared responsibility of manufacturers, retailers, and consumers. Plattner advocates for cybersecurity to be a key consideration when purchasing devices.
The BSI urges consumers to disconnect potentially infected devices from the internet or cease using them altogether, as the risk is not limited to picture frames and media players but extends to other product classes, including smartphones and tablets.
Consumers are often alerted to potential infections via notifications from telecommunications providers based on IP address monitoring.
Because the products are sold under various names, the BSI cannot specify exact models and urges consumers to take such notifications seriously.
The BSI recommends consumers verify devices’ security features before purchase, ensuring they come from reputable manufacturers and run current operating system versions. For more advice on securing smart home devices, the BSI offers resources on their website under “Smarthome – securely networking your living space.”
This action by the BSI underscores the importance of staying informed about cybersecurity threats and taking proactive measures to protect personal devices and networks.