Google Sues BadBox 2.0 Botnet Operators Behind 10 Million+ Infected Devices

Google has initiated legal proceedings against the operators of BadBox 2.0, identified as the largest botnet comprising internet-connected televisions and other devices.

This botnet, uncovered through a collaborative effort with cybersecurity firms HUMAN Security and Trend Micro, has infected over 10 million uncertified devices running the Android Open Source Project (AOSP).

Unlike certified Android systems fortified with Google’s proprietary security layers, AOSP-based devices are particularly vulnerable due to their open-source nature, lacking built-in protections such as Verified Boot and Google Play Protect’s real-time scanning capabilities.

The perpetrators exploited this vulnerability by embedding persistent malware during the manufacturing process, transforming these devices into unwitting nodes in a sprawling network used for sophisticated ad fraud schemes and other illicit activities.

Massive Android-Based Botnet

The BadBox 2.0 operation represents an evolution from its predecessor, leveraging pre-installed rootkits and command-and-control (C2) servers to orchestrate distributed denial-of-service (DDoS) attacks, proxy traffic ...