Time
and
time
again, researchers have found numerous compromised Android
devices
for sale at large online retailers like Amazon. When these devices get
individually
reported, we have seen some
noted
efforts to take them down. But this is a systemic problem and Amazon and other major online retailers must make a corresponding systemic and intentional effort to stop these devices from entering people’s homes and ultimately their networks.
As a refresher: Last year, Google
wrote
that one major campaign, deemed
BADBOX
, affected 10 million uncertified devices that were running Android’s open-source software (Android Open Source Project or AOSP). These devices span from TVs and streaming devices to digital picture frames.
Even now
, someone can go on Amazon and Walmart and buy one of these devices. Not all of them come from Amazon and Walmart, but it’s fair to assume since they have the
lion’s share of the market
.
Most well-known Android-based devices don’t come with just “stock Android.” The operating system is usually Android plus additional features that the manufacturer wanted. These custom versions of Android often come with pre-installed applications that range from useful to innocuous bloatware to actual malware. Many Android OEMs (original equipment manufacturers) pre-install apps that may not be visibly represented by an icon in your list of installed apps. This obscurity makes the issue particularly hard for users to identify any potential threats.
Since the initial BADBOX analysis, there have been
more
reports
of large campaigns and clusters of
different devices
participating in malicious activities that utilize people’s home networks to engage in illegal activity. Task forces in the private sector have made
an effort
to take down these existing
Command and Control
structures, but
these actors may pivot and evolve
to flood the market with more devices.
Online retailers can stop this cycle. A multi-billion dollar company like
… [more]
