Amazon and AliExpress in the crosshairs of the FTC for the sale of devices with viruses
In an unprecedented case, the Federal Trade Commission (FTC) is under pressure to take action against e-commerce giants like Amazon and AliExpress. The reason? The sale of Android TV set-top boxes and mobile devices that arrive pre-infected with malwareaccording to a letter issued by the Electronic Frontier Foundation (EFF).
These devices, upon connecting to the Internet, initiate immediate communication with botnet command and control servers. In the background, they immerse themselves in a click fraud network, generating fake ad clicks and increasing advertising revenue.
This activity occurs without buyers’ knowledge, leaving them vulnerable to legal risks and no control over their devices.
Despite widespread reports of these security issues, platforms like Amazon and AliExpress continue to sell these devices.. The EFF maintains that this practice is deceptive and that the companies that sell them should take responsibility for removing these products from the market once the presence of malware is confirmed.
The e-commerce giants will pay the price of Google and Android for the sale of devices ‘with malware’
“We believe that the sale of these devices presents a clear example of deceptive conduct: the devices are advertised without disclosing the damage they present. They also expose buyers to unfair risk that begins with simply turning on the device and connecting it to the Internet,” the EFF letter says.
“Here, where products containing real malware are sold at the point of sale, imposing sanctions on resellers will provide them with a powerful incentive to remove these products from the market and protect their customers,” they add.
He malware identified, a variant of the Triada Trojan, is installed in the supply chain between manufacturing and sale to these companies.
Not only is the EFF putting pressure on the FTC, but it has also sent the letter to Cybersecurity and Infrastructure Security Agency Director Jen Easterly, highlighting the severity of the attack on the consumer device supply chain.
As if that were not enough, this problem not only affects consumers, but also highlights the need for greater consumer protection. Furthermore, it is expected that, Taking all this into account, Amazon, AliExpress and other platforms have to pay a fine.
“We believe the resellers of these devices bear some responsibility for the broad scope of this attack and for failing to create a reliable avenue for researchers to notify them of these issues,” it reads.
“While it would not be practical for resellers to perform comprehensive security audits on every device they make available, they should remove these devices from the market once it has been revealed and confirmed that they include harmful malware,” they add.
EFF Urges FTC to Take Quick Action to Ensure Products Reaching Homes Do Not Pose a Safety Threat. The ball is now in the FTC’s court, and the decision they make could have quite a few repercussions on the sale going forward.
An episode that was already in the media due to the 8.9 million Android phones that were infected with malware
This is something Google has been struggling with for a long time. A few months ago, the media echoed the following: researchers from Trend Micro at Black Hat Asia sounded the alarm about the growing trend of millions of Android smartphones already coming with software pre-installed malicious.
Specific, Some 8.9 million mobile phones of up to 50 different brands were infected with malware and the added problem is its difficult elimination.
This malware It allows infected devices to communicate with a remote command and control server, collecting data about users that can then be sold. It is also capable of installing advertising platforms that completely destroy the battery of mobile phones as well as the user experience.
