BADBOX Malware Infects Over 1 Million Android Devices, What You Need To Know

A new variant of the BADBOX malware campaign has taken root in over a million Android-based devices worldwide, and if you’ve picked up a cheap smart TV box or projector off Amazon or AliExpress lately, you might be part of the problem. BADBOX 2.0 is a sprawling botnet targeting Android Open Source Project (AOSP) devices—not certified Android TV gear—and it's converting them into residential proxies for cybercrime. It’s now the largest botnet leveraging connected TV (CTV) devices, and it’s big enough that even the FBI has issued a public warning.

What’s wild is how these devices get infected. Sometimes, it’s snuck in during setup via fake firmware updates or sketchy apps that bypass Google’s vetting, but more often than not these devices simply ship with the malware already baked in. Once compromised, they hook into remote command-and-control servers, allowing attackers ...