Infection: how marketplace tech becomes a source of viruses
Cybercriminals can sell devices infected with viruses on popular marketplaces, experts have warned. Built-in malware allows cybercriminals to stealthily collect information, control users' actions and use devices for their own purposes, turning them into part of botnets. Read the Izvestia article for details on who sells infected hardware on marketplaces and why.
Why do marketplaces sell equipment with viruses?
The sale of infected equipment on marketplaces is the work of cybercriminals seeking access to user data and systems, says Marina Probets, Internet analyst and expert at Gazinformservice, in a conversation with Izvestia. The motives of attackers may vary: from stealing financial information and personal data to using infected devices for DDoS attacks or cryptocurrency mining.
- It is possible that both individual hackers and organized groups are behind this, using marketplaces as a platform for malware distribution due to their huge audience and relative anonymity," says the expert. - Low prices and seemingly favorable offers often serve as bait for unsuspecting buyers .
In turn, F.A.C.C.T. experts note that there are several approximate ways in which malware can get onto a device for sale. First, the manufacturer can install firmware with malware on it themselves. Second, malicious code during development can get into the firmware, which is then integrated into the device.
The third option is that hardware vendors install new versions of the gadget's firmware, for example, to localize interfaces. And finally, hackers can hack device manufacturers or firmware vendors, replacing the source code with malicious code.
Which appliances are most interesting to hackers
Often, electronic devices such as headphones, radio-controlled toys or e-cigarettes come with only a USB cable without a charger, while the instructions advise users to charge the gadget through a computer's USB port, F.A.C.C.T. said.
- Using a USB port can be a potential attack vector, as it is impossible to know exactly what functions were built into the software of the plug-in device by the developers, as well as how thoroughly it has been tested for vulnerabilities and hidden features," experts say.
In addition, there is a risk of malware infection via USB cables or adapters. One example of such threats is the BadUSB attack, in which attackers use USB devices to gain unauthorized access to computers.
Marina Probets adds that malware is also often found on devices that have access to data or networks, turning them into a kind of "Trojan horse": in addition to USB drives, these include network adapters, routers, IP cameras and other gadgets with connectivity features. This is because these are the devices that give attackers the greatest opportunity to collect information, control and penetrate systems.
- There have been cases when cheap webcams bought on online platforms secretly broadcast video to the Web, turning users' private lives into public domain," says the Izvestia interlocutor. - And children's toys with Wi-Fi were vulnerable, giving hackers the opportunity to eavesdrop on conversations in the house.
Dmitry Galov, head of Kaspersky GReAT in Russia, says that at the end of 2023, the company's specialists discovered the Dwphon Trojan, which attacked Russian users of Android devices. It was embedded in the system applications of smartphones even before the gadgets fell into the hands of users. Dwphon can download various programs, including adware and malware, to a smartphone without the user's knowledge.
How else hackers spread tech with viruses
Meanwhile, according to experts interviewed by Izvestia, attackers are trying to distribute infected equipment not only through marketplaces, but also in many other ways. In particular, according to F.A.C.C.T. experts, there have been cases of criminals sending "gift" USB drives containing malware or leaving them in the offices of victim companies.
- Local cyberthreats that spread via removable media, including flash drives and external disks, remain extremely relevant," says Dmitry Galov. - And among such cyberthreats there may be various types of malicious programs, including stylers and encryptors.
In turn, Marina Probets cites the example of USB drives scattered in the parking lot of a major company. By plugging the flash drive into a computer, employees unwittingly launched malware, opening access to the corporate network. In addition, there have been incidents when a laptop was infected with spyware under the guise of charging a smartphone.
Maxim Alexandrov, an expert of software products of "Security Code" company, reminds that some time ago destructive trap devices were popular. Outwardly, they resembled a portable SSD or a very large flash drive, but inside there was a circuit that, when connected to a computer, accumulated a charge and then, through current converters, produced a high-voltage discharge into the computer.
- After several such discharges, the computer physically failed," says the specialist. - And the attackers left such devices in public places or even hung them on their backpacks, expecting that someone would steal such a "killer" flash drive and connect it to their computer.
How to protect yourself from buying infected electronics
In order to protect yourself from the threats associated with buying infected electronics, experts advise following certain cybersecurity rules. In particular, Ruslan Yugay, a pre-sale engineer for information security at MONT, advises to study the seller's rating and carefully read other buyers' reviews before buying equipment.
- A large number of positive reviews can speak about the reliability of the seller," said the Izvestia interlocutor. - You should also look at when the seller's account was created: old accounts are often more reliable.
Ruslan Yugai also recommends avoiding suspicious marketplaces, where the goods are similar, but their price is underestimated. Suspiciously low price of products may indicate that they are defective or infected. Mikhail Sergeev, a leading engineer at CorpSoft24, adds that lack of warranty and suspicious packaging should also alert you.
If you buy a new gadget - a PC or a smartphone (especially from hand) - install a security solution on it and check the device with it, advises Dmitry Galov. In addition, try not to connect unfamiliar devices to your laptop or PC and check them for malware with the help of protective solutions.
- To charge your device, use an AC adapter and an outlet, avoid connecting your gadget directly to your computer," conclude F.A.C.C.T. experts. - And also use adapters and USB cables only from trusted manufacturers. Avoid using free public charging stations and do not charge other people's or untested devices from your PC.
Переведено сервисом «Яндекс Переводчик»
