“In total the researchers confirmed eight devices with backdoors installed—seven TV boxes, the T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G, and a tablet J5-W. (Some of these have also been identified by other security researchers looking into the issue in recent months).”
edit this is the v4 of the title of this post. I’m not accustomed to editorializing or de-editorializing posts. I believe that the brand names involved were fairly trivial to the discussion of escalating malware cyberoperations especially if they are state sponsored. Earlier versions of the title were mischiefously incendiary. I apologize for that.
This article does NOT say Apple is shipping hardware with badbox / peachpit preinstalled.
It does look like some shady apps got submitted to Apple’s App Store and were committing Ad Fraud. Moreover, it looks like the Android Badbox devices are kind of toast, unless you’re up for totally reinstalling new firmware.
https://www.humansecurity.com/hubfs/HUMAN_Report_BADBOX-and-PEACHPIT.pdf
If you bought a name brand streaming device, and only installed popular well known apps from their marketplaces, you’re properly fine.