Pre-installed malware threatens consumer privacy
The Federal Trade Commission (FTC) faces the imperative task of addressing the practices of e-commerce titans, Amazon and AliExpress. The accusation? The sale of Android TV set-top boxes and mobile devices with pre-installed malware, according to the Electronic Frontier Foundation (EFF).
Upon connecting to the Internet, these devices initiate communication with botnet servers, engaging in click fraud that generates advertising revenue. This activity, hidden from buyers, leaves them vulnerable to legal risks and without control over their own devices.
Legal Battle: Responsibility or Negligence?
Despite security reports, Amazon and AliExpress persist in selling these devices, sparking a debate about business ethics. The EFF argues that these platforms should remove the products when malware is confirmed, maintaining that selling them without disclosing these risks is misleading.
The FTC faces pressure to impose penalties on resellers, as a strong incentive to remove these products from the market. The identified malware, a variant of the Triada Trojan, installs itself in the supply chain, highlighting the fragility of the connection between manufacturers and sellers.
A cry for consumer protection
This issue not only affects end users, but also highlights the need for greater consumer protection. The EFF urges the FTC to act quickly to ensure product safety in homes, noting the severity of the attack on the consumer device supply chain.
This episode adds to Google's ongoing fight against pre-installed malware. Trend Micro researchers warned of millions of infected Android smartphones, evidencing the difficult removal of this malicious software.
The FTC's challenge to Amazon and AliExpress highlights the urgent need for measures that protect consumers and strengthen supply chain security. The FTC's decision will resonate in the future of e-commerce, setting a critical precedent for the industry.