Over 10 million Android users told to turn off devices after Google exposes ‘infection' – exact list of models affected
BIG SWITCH-OFF Over 10 million Android users told to turn off devices after Google exposes 'infection' – exact list of models affected
HOUSEHOLDS have been warned against buying cheap gadgets online that may come pre-installed with dangerous malware.
As many as 10 million devices have been affected, according to a recent security warning from Google.
Advertisement
3
BadBox targets Android devices and has been found inside 24 apps on the Google Play Store, security researchers at MalwareBytes have said
Credit: Android TV
3
Cyber criminals gain access either by installing malicious software prior to the users purchase, or infecting the device as it downloads required applications during the set-up process
Credit: Getty
TV set-top boxes, tablets and digital projectors being made in China have been found to be either susceptible to a malware known as BadBox 2.0, or have it already downloaded by the time it is shipped.
BadBox targets Android devices and has been found inside 24 apps on the Google Play Store, security researchers at MalwareBytes have said.
While those apps, and several BadBox servers, were removed as of March 2025, it remains one of the biggest malware threats to internet-connected TVs.
The minute consumers set up the device, they open up a backdoor for criminals to access other devices in their home network.
Advertisement
Cyber criminals gain access either by installing malicious software prior to the users purchase, or infecting the device as it downloads required applications during the set-up process.
Badbox can run advertising fraud, as well as more worrying attacks, such as ransomware, where users are often asked to pay a fee to stop data being leaked.
In its security warning, Google wrote: "The BadBox 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open Source Project), which lacks Google's security protections.
3
The FBI has also issued an alert about the BadBox malware campaign, saying there may be more gadgets affected - including car infotainment systems
Credit: Mercedes-Benz AG
Advertisement
"Cyber criminals infected these devices with preinstalled malware and exploited them to conduct large-scale ad fraud and other digital crimes."
The tech giant has now filed a lawsuit in the New York federal court against the crooks behind BadBox.
Some of the known devices that have been infected include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9.
Urgent warning to delete 2 dangerous apps that STEAL all photos & blackmail you
It's unclear if these are the only affected TV boxes.
Advertisement
Though tablets and digital projectors with unknown model numbers are still reportedly affected.
If you think you have purchased a cheap Android-powered set-top box - especially one mentioned above - it's important to check if it Google Play Protect-certified.
Google Play Protect is Android's built-in malware and unwanted software protection, which the tech company has updated to automatically block BadBox-infected apps.
"While these actions kept our users and partners safe," according to Google. "This lawsuit enables us to further dismantle the criminal operation behind the botnet, cutting off their ability to commit more crime and fraud."
Advertisement
The FBI has also issued an alert about the BadBox malware campaign, saying there may be more gadgets affected.
"Cyber criminals gain unauthorised access to home networks through compromised IoT (internet of things) devices," the FBI wrote in an alert. "Such as TV streaming devices, digital projectors, aftermarket vehicle infotainment systems, digital picture frames and other products."
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Guardian
43 minutes ago
- The Guardian
Google expected to report $94bn in revenue after AI fuels second quarter
Google is expected to report earnings following the bell on Wednesday after closing out a quarter of AI-related momentum that has given investors reasons to be optimistic. Wall Street is expecting the search giant to report $2.18 in earnings per share (EPS) on $94bn in revenue. All eyes will be on how the company's various AI efforts and investments are faring as Google closes a quarter of considerable growth in the crowded space. Most recently, OpenAI announced it would add Google Cloud to its suite of cloud storage providers for ChatGPT. Analysts are also expecting a favorable outlook on general growing demand for Google's cloud services. 'The cloud business continues to benefit from robust enterprise demand, and the recent decision by OpenAI to run ChatGPT on Google Cloud – after relying primarily on Microsoft – is both symbolic and strategic,' Scott Acheychek, COO of Rex Financial, said in a statement. 'It speaks to scale. It speaks to speed. And it underscores how Alphabet's in-house AI stack is quietly turning into a competitive asset, winning business from names like Apple and Anthropic.' While analysts still expect the company to report positive results for the second quarter of the year, some are concerned about its recent series of antitrust losses. A judge in April found that the firm acted illegally to build a monopoly of some of its advertising technology. That follows an August ruling that found Google engaged in anticompetitive behavior to protect its search monopoly. They're also looking for updates on recent analyses and remarks that indicate Google searches have declined for the first time in 22 years. During Google's recent antitrust trial, for instance, the Apple senior vice-president of services Eddy Cue said Google searches in Safari had fallen for the first time in 22 years. He attributed that to the rise in the use of AI chatbots like ChatGPT, Perplexity, Gemini and Microsoft Copilot for searches. Sign up to TechScape A weekly dive in to how technology is shaping our lives after newsletter promotion 'Search remains the dominant cash engine – and a tension point,' Acheychek said. 'While OpenAI's ChatGPT is arguably a threat to Google's search business, it's also a customer. That duality sums up the moment. This isn't necessarily a winner-take-all race; it's a scramble to serve the exploding demand for generative tools, wherever they may live.' Google is also expected to give updates on its planned $75bn investment in building out its data center capacity to support its AI features such as its expansion of AI search results. 'It seems this is a necessary investment as the only factor limiting Google's growth is the constraints on computing that AI and cloud solutions need to run on,' said Brian Mulberry, senior portfolio manager at Zacks Investment Management.
Daily Record
2 hours ago
- Daily Record
Everyone with a Gmail account issued 'red alert' over new AI scam
Tech experts have explained how a new sophisticated scam using artificial intelligence is targeting 1.8billion Gmail accounts using Google's own AI model, Gemini Google has issued a "red alert" to anyone who holds one of its 1.8billion accouns over a new artificial intelligence scam reportedly being used by cyber criminals. Tech expert Scott Polderman explained the data-stealing scam involves another Google product, Gemini, an AI assistant known as a chatbot. "So hackers have figured out a way to use Gemini - Google's own AI - against itself," he clarified. "Essentially, hackers are sending an email with a hidden message to Gemini to reveal your passwords without you even realising." Scott highlighted that this scam is unique from previous ones as it is "AI against AI" and could set a precedent for future attacks in the same vein. He elaborated: "These hidden instructions are getting AI to work against itself and have you reveal your login and password information." Scott continued, explaining why so many users are falling victim to the problem. "There is no link that you have to click [to activate the scam]," he said. "It's Gemini popping up and letting you know you are at risk." He also advised that Google has previously stated it will "never ask" for your login information or "never alert" you of fraud through Gemini. Another tech expert, Marco Figueroa, added that send emails including prompts that Gemini can pick up on, with the font size set to zero and the text colour to white so users don't spot it. One TikTok user responded with further advice to help guard against the scam. "To disable Google Gemini's features within your Gmail account, you need to adjust your Google Workspace settings," they penned. "This involves turning off 'SMART FEATURES' and potentially disabling the Gemini app and its integration within other Google products." Another shared: "I never use Gemini, still I might change my password just in case." A third individual declared: "I'm sick of all of this already. I'm going back to pen and paper!". And in a similar vein, a fourth added: "I quit using Gmail a long time ago! Thank you for the alert! I'll go check my old accounts." Join the Daily Record WhatsApp community! Get the latest news sent straight to your messages by joining our WhatsApp community today. You'll receive daily updates on breaking news as well as the top headlines across Scotland. No one will be able to see who is signed up and no one can send messages except the Daily Record team. All you have to do is click here if you're on mobile, select 'Join Community' and you're in! If you're on a desktop, simply scan the QR code above with your phone and click 'Join Community'. We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don't like our community, you can check out any time you like. To leave our community click on the name at the top of your screen and choose 'exit group'. If you're curious, you can read our Privacy Notice. Google cautioned in its security blog last month: "With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections. "Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections involve hidden malicious instructions within external data sources. These may include emails, documents, or calendar invites that instruct AI to exfiltrate user data or execute other rogue actions. "As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures." Nevertheless, the tech giant sought to provide reassurance to users, stating: "Google has taken a layered security approach introducing security measures designed for each stage of the prompt lifecycle. From Gemini 2.5 model hardening, to purpose-built machine learning (ML) models detecting malicious instructions, to system-level safeguards, we are meaningfully elevating the difficulty, expense, and complexity faced by an attacker. "This approach compels adversaries to resort to methods that are either more easily identified or demand greater resources."
The Guardian
3 hours ago
- The Guardian
UK competition watchdog to act over Apple and Google's mobile platforms
A UK watchdog has said it intends to take action to open up Apple and Google's mobile platforms to more competition to benefit consumers, businesses and app developers. The Competition and Markets Authority has proposed to designate the tech companies as having 'strategic market status' – as they hold an 'effective duopoly' for access on mobile devices – and now intends to force the two companies to make changes to their mobile platforms. The regulator said that it had published 'roadmaps' for Apple and Google and that it would take a 'proportionate, pro-innovation' approach to 'promote competition in digital markets while protecting UK consumers and businesses from unfair or harmful practices'. The CMA said it would, in the first instance, focus on areas such as the tech companies' app stores – which have been criticised by developers over issues including fees of up to 30% for transactions – to ensure a 'fair and transparent' app review process, as well as making sure that smartphone users could 'steer' away from app stores to make purchases. The watchdog, which launched an investigation into the US tech companies earlier this year, will also address restrictions Apple imposes on digital wallets to ensure that competing financial technology companies can compete. 'Apple and Google's mobile platforms are both critical to the UK economy – playing an important role in all our lives, from banking and shopping to entertainment and education,' said Sarah Cardell, the chief executive of the CMA. 'But our investigation so far has identified opportunities for more innovation and choice. Time is of the essence: as competition agencies and courts globally take action in these markets, it's essential the UK doesn't fall behind,' she said. However, the CMA said it did not at this stage intend to force major changes such as requiring Apple to allow alternative app stores, or alternative payment methods for in-app purchases beyond its existing payment system. Tom Smith, a competition lawyer at Geradin Partners and a former CMA director, said the competition watchdog was 'ducking' taking major decisions 'which might draw political heat'. 'The CMA is implementing the regime in a thoughtful and authoritative way, but it is doing it more timidly than it should be,' he said. 'It is proposing some useful measures that would open up competition in digital markets, but it is ducking issues that would really threaten the entrenched positions of Apple and Google, and which might therefore draw political heat. For example, they have postponed the possibility for alternative app stores to challenge the App Store's monopoly on Apple devices.' Tim Sweeney, the founder and chief executive of Fortnite maker Epic, which has had legal battles with Google and Apple in the US, criticised the CMA's approach as 'surprisingly weak'. 'The monopolised UK app store economy has all of the vibrancy of a Soviet supermarket,' he said in a post on X. 'And consideration of unblocking competing app stores is delayed to 2026.' The company said it could not launch its Epic Games Store on Apple's iOS platform in the UK – as it was doing in EU countries and later this year in Brazil and Japan – and that availability of its globally popular Fortnite game on Apple phones in the UK was 'now uncertain'. The UK competition watchdog announced its investigations into Apple and Google's mobile platforms in January. When the investigation was launched, the CMA said that virtually all smartphones sold in the UK were pre-installed with Apple's iOS or Google's Android operating systems, while their app stores and browsers had privileged positions over third-party products and services. Apple's Safari and Google's Chrome dominate the mobile browser market on iPhones and Android devices. The CMA investigation was launched days after the appointment of Doug Gurr, the former country manager of Amazon UK, as its new chair. Sign up to Business Today Get set for the working day – we'll point you to all the business news and analysis you need every morning after newsletter promotion The government, which has pushed for a shake-up of regulation to kickstart UK growth, was forced to deny it was 'in the pocket of big tech' after the appointment. Tech firms, publishers and the consumer watchdog Which? subsequently wrote to the chancellor, Rachel Reeves, raising concerns that Gurr's appointment posed a threat to the independence of the CMA. Gurr said he would make the CMA's investigations into mergers and takeovers 'simple and rapid', and Cardell said in February that a change of strategic direction was needed. Apple responded to the CMA's decision to act by saying the proposed new rules could hamper innovation and threaten privacy and security. 'We're concerned the rules the UK is now considering would undermine the privacy and security protections that our users have come to expect, hamper our ability to innovate, and force us to give away our technology for free to foreign competitors,' a spokesperson said. 'We will continue to engage with the regulator to make sure they fully understand these risks.' Google said its products were open-source and offered choice, security and innovation for users. 'That's why today's announcement is disappointing and unwarranted,' said Oliver Bethell, the senior director, competition, at Google. The company said that in 2022 its Android operating system generated more than £9.9bn in revenue for British developers, supporting more than 457,000 jobs. 'It is therefore crucial that any new regulation is evidence-based, proportionate and does not become a roadblock to growth in the UK,' Bethell said. If a company is designated as having 'strategic market status', that status can last for a five-year period, and breaches of conduct rules can result in fines of up to 10% of global turnover.
