Researchers have discovered a number of Android streaming boxes, including the popular T95 that are being shipped with pre-installed malware. The malware, dubbed Badbox, is a complex and sophisticated piece of code that can be used to commit a variety of fraudulent activities, including ad fraud, residential proxy services, fake email and messaging accounts and the installation of malicious code.
Badbox is believed to be spread through the regular hardware supply chain, meaning that users are unaware that their devices are infected until after they have purchased and installed them. Once installed, Badbox immediately connects to a command-and-control server to receive instructions.
In addition to the T95, Badbox has also been found on seven other set-top boxes (T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G) as well as an Android tablet (the J5-W). These devices are all relatively inexpensive, which makes them attractive options for many users. However, researchers warn that consumers should be wary of purchasing these devices, as they may be infected with malware.
The sources for this piece include an article in ZDNET.