Security News > 2023 > October > Backdoored Android phones, TVs used for ad fraud – and worse!

A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced.
Badbox-infected devices are able to steal personally identifiable information, establish residential proxy exit peers, steal one-time passwords, create fake messaging and email accounts, and other unique fraud schemes.
In addition to the Badbox ad fraud module, the Satori team also found a group of Android, iOS, and CTV apps committing similar fraud, independent of the backdoored Badbox devices.
At its peak, Peachpit-associated apps appeared on 121,000 Android devices and 159,000 iOS devices in 227 countries and territories.
No iOS devices were themselves impacted by the Badbox backdoor; they were targeted only by the Peachpit ad fraud attack through malicious apps.
The off-brand devices discovered to be infected were not Play Protect certified Android devices.
News URL
https://www.helpnetsecurity.com/2023/10/04/backdoored-android-devices/
Related news
- Serbian police used Cellebrite zero-day hack to unlock Android phones (source)
- Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone (source)
- Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud (source)
- BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse (source)