Threat Intelligence Disruption: BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
HUMAN's Satori team uncovered and partially disrupted BADBOX 2.0, a complex fraud operation targeting over 1 million low-cost consumer devices worldwide. The scheme involves a backdoor pre-installed on devices or distributed through unofficial app marketplaces, allowing threat actors to conduct various fraudulent activities. These include selling residential proxy services, ad fraud through hidden ads and WebViews, and click fraud. Four main threat actor groups were identified: SalesTracker, MoYu, Lemon, and LongTV. The operation affects Android Open Source Project devices in 222 countries, with Brazil being the most impacted. Disruption efforts involved collaboration with Google and other partners to mitigate the threat's impact.
OPENCTI LABELS :
botnet,android,iot,ad fraud,badbox,vo1d,ctv,bb2door,residential proxy,consumer devices
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Threat Intelligence Disruption: BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes