Warning: If you are infected with this new malware, disconnect your phone from the Internet immediately and get rid of it
Be very careful because a new cyberattack has put thousands of Android users in Germany under surveillance. The Federal Office for Information Security (BSI) has uncovered an operation that affects more than 30,000 IoT devices, including mobile phones, tablets, digital frames and multimedia players.
The hero of this story is BadBox, a malware that is pre-installed on devices from the factory. Simply put, here the user is not to blame for anything, because the virus comes as a gift.
The big problem — as if that weren’t enough — is that this malware is a full-fledged cybercrime. It can steal two-step verification codes, create fake accounts in apps to spread fake news, and even turn your device into a proxy to do all sorts of illegal things with it. All without you even realizing it.
But it doesn’t stop there, because BadBox is also an expert in ad fraud. It simulates clicks on ads to generate fraudulent income.
As expected, the British Bureau of Investigation (BSI) did not stand idly by and implemented a technique called “sinkholing” to cut off the connection between infected devices and the cybercriminals’ servers.
Now, how do you know if your device is infected? If you live in Germany or if the malware has reached other countries, your ISP will tell you about it. And if you receive this notification, the advice is clear: disconnect your device from the Internet immediately. Be careful, this is just the first step.
What’s worrying is that this malware is so well hidden and embedded in the device’s firmware that even a software update can’t completely remove it. The safest, albeit drastic, solution is to factory reset the device or throw it away.
To protect yourself, although you will never be 100% safe, experts recommend buying phones from brands that everyone knows, checking that the devices are security certified, keeping them updated and avoiding connecting them to unprotected networks.