Latest news with #BadBox


Forbes
3 days ago
- Forbes
FBI Warning To 10 Million Android Users — Disconnect From Internet Now
Discconnect now, FBI warns 10 million Android users. In March, I reported that one of the largest botnets of its kind ever detected had impacted over a million Android devices. That massive attack was known as BadBox, but it has now been eclipsed by BadBox 2.0, with at least 10 million Android devices infected. Google has taken action to protect users as best it can, as well as launching legal action against the attackers, and the FBI has urged impacted users to disconnect their devices from the internet. Here's what you need to know. The FBI, Google And Others Warn Of Android BadBox 2.0 Attacks The FBI cybersecurity alert, I-060525-PSA, could not have been clearer: ongoing attacks are targeting everything from streaming devices, digital picture frames, third-party aftermarket automobile infotainment systems and other assorted home smart devices. The devices, all low-cost and uncertified, mostly originating in China, allow attackers to access your home network and beyond by, the FBI warned, 'configuring the product with malicious software prior to the user's purchase.' It has also been noted, however, that mandatory 'software updates' during the installation process can also install a malicious backdoor. Point Wild's Threat Intelligence Lat61 Team reverse-engineered the BadBox 2 infection chain and, as a result, uncovered new indicators of compromise that have been shared with global Computer Emergency Response Teams, as well as law enforcement. 'This Android-based malware is pre-installed in the firmware of low-cost IoT devices, smart TVs, TV boxes, tablets, before they even leave the factory,' Kiran Gaikwad from the LAT61 team said, 'It silently turns them into residential proxy nodes for criminal operations like click fraud, credential stuffing, and covert command and control (C2) routing.' Google, meanwhile, confirmed in a July 17 statement that it had 'filed a lawsuit in New York federal court against the botnet's perpetrators.' Google also said that it has 'updated Google Play Protect, Android's built-in malware and unwanted software protection, to automatically block BadBox-associated apps.' FBI Recommendations And Mitigations — Disconnect Devices From The Internet Now The FBI has recommended that Android users should be on the lookout for a number of potential clues that your Chinese-manufactured smart device could be infected with BadBox 2.0 malware. When it comes to mitigation, the advice is straightforward: users should 'consider disconnecting suspicious devices from their networks,' the FBI said.


Daily Record
6 days ago
- Daily Record
Millions of Android devices infected with virus- check if yours needs turning off
Millions of Android devices have been affected by the cyber attack An urgent warning has been issued to Android users that millions of devices have been infected with the 'BadBox malware' virus. The bug can allow cyber criminals to make money off infected devices through adware and expose users to ransomware, where they threaten to leak your personal data unless you pay up. The Mirror reports that around 10 million gadgets have even been exposed to the second version of the virus, called BadBox 2.0, but this time around it's not phones that have been attacked. Instead, it's other devices that also use a version of Android including tablets, projectors and streaming boxes. These very cheap and products are being made in China and often come pre-loaded with BadBox. To keep consumers safe, Google is now trying to shut down the cyber-crime operation by filing a lawsuit against those creating and selling the dodgy devices. "This botnet—called the 'BadBox 2.0' botnet—is already the largest known botnet of internet-connected TV devices, and it grows each day,' Google confirmed. 'Without warning, it could be used to commit more dangerous cybercrimes, such as ransomware or distributed denial-of-service ('DDoS') attacks.' As well as Google taking action, the FBI has also had its say on the problems, with the law agency urging consumers to be aware and turn things off if they think they have a device that could be infected. 'The public is urged to evaluate IoT devices in their home for any indications of compromise and consider disconnecting suspicious devices from their networks," the FBI said. Some of the known devices that have been infected with the virus include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. If you think you have bought a set-top box from an unofficial store - especially any of the ones mentioned above - it's worth checking to see if it Google Play Protect-certified. Before buying a new device, it's also worth avoiding off-brand gadgets that aren't from a known manufacturer, as they could be targeted by Badbox 2.0. This malware can also be added after the box is installed in homes, so be careful when downloading apps and only access official and protected software. In other cyber hacking news, the aftermath of the infamous M&S hacking scandal has continued with a huge-scale multi-million pound lawsuit against the company. Hackers had obtained customer and staff information that could include phone numbers, home addresses, dates of birth and online ordering histories of millions of people in a cyberattack in April. In May, Thompsons Solicitors launched a class action suit which could result in compensation pay-outs of several hundred pounds per customer. Join the Daily Record WhatsApp community! Get the latest news sent straight to your messages by joining our WhatsApp community today. You'll receive daily updates on breaking news as well as the top headlines across Scotland. No one will be able to see who is signed up and no one can send messages except the Daily Record team. All you have to do is click here if you're on mobile, select 'Join Community' and you're in! If you're on a desktop, simply scan the QR code above with your phone and click 'Join Community'. We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don't like our community, you can check out any time you like. To leave our community click on the name at the top of your screen and choose 'exit group'.


Daily Mirror
6 days ago
- Daily Mirror
Millions of Android users must switch off their devices immediately, check yours today
A worrying new Android attack has left around 10 million devices infected with a scary malware - check yours is not on this list. A new alert has been issued to Android users and it's not something anyone should ignore. The latest warning comes after the discovery that millions of devices have been infected with the so-called BadBox malware. This bug is not only capable of making cyber crooks serious amounts of money via annoying adware, but it could also expose users to concerning ransomware, which asks for money in exchange for personal data not being leaked. It's currently thought that around 10 million gadgets have even been exposed to BadBox 2.0, but this time it's not phones that are affected. Instead, it's other devices that also use a version of Android including tablets, projectors and streaming boxes. These very cheap and enticing products are being made in China and often come pre-loaded with BadBox. In a bid to end the attacks and keep consumers safe, Google is now trying to shut down this illegal operation with the US technology giant filing a lawsuit against those creating and selling the dodgy devices. "This botnet—called the 'BadBox 2.0' botnet—is already the largest known botnet of internet-connected TV devices, and it grows each day,' Google confirmed. 'Without warning, it could be used to commit more dangerous cybercrimes, such as ransomware or distributed denial-of-service ('DDoS') attacks.' Along with Google issuing an alert, the FBI has also had its say on the problems with the law agency urging consumers to be aware and turn things off if they think they have a device that could be infected. 'The public is urged to evaluate IoT devices in their home for any indications of compromise and consider disconnecting suspicious devices from their networks," the FBI said. Some of the known devices that have been purchased include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. If you think you have bought a set-top box from an unofficial store - especially any of the ones mentioned above - it's worth checking to see if it Google Play Protect-certified. If it's not, be warned. Before buying a new device, it's also worth avoiding off-brand gadgets that aren't from a known manufacturer, as they could be targeted by Badbox 2.0. This malware can also be added after the box is installed in homes, so be careful when downloading apps and only access software from official.


The Irish Sun
21-07-2025
- The Irish Sun
Over 10 million Android users told to turn off devices after Google exposes ‘infection' – exact list of models affected
HOUSEHOLDS have been warned against buying cheap gadgets online that may come pre-installed with dangerous malware. As many as 10 million devices have been affected, according to a recent 3 BadBox targets Android devices and has been found inside 24 apps on the Google Play Store, security researchers at MalwareBytes have said Credit: Android TV 3 Cyber criminals gain access either by installing malicious software prior to the users purchase, or infecting the device as it downloads required applications during the set-up process Credit: Getty TV set-top boxes, tablets and digital projectors being made in China have been found to be either susceptible to a malware known as BadBox 2.0, or have it already downloaded by the time it is shipped. BadBox targets Android devices and has been found inside 24 apps on the Google Play Store, security researchers at While those apps, and several BadBox servers, were removed as of March 2025, it remains one of the biggest malware threats to internet-connected TVs. The minute consumers set up the device, they open up a backdoor for criminals to access other devices in their home network. READ MORE ON ANDROID Cyber criminals gain access either by installing malicious software prior to the users purchase, or infecting the device as it downloads required applications during the set-up process. Badbox can run advertising fraud, as well as more worrying attacks, such as ransomware, where users are often asked to pay a fee to stop data being leaked. In its security warning, Google wrote: "The BadBox 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open Source Project), which lacks Google's security protections. 3 The FBI has also issued an alert about the BadBox malware campaign, saying there may be more gadgets affected - including car infotainment systems Credit: Mercedes-Benz AG "Cyber criminals infected these devices with preinstalled malware and exploited them to conduct large-scale ad fraud and other digital crimes." Most read in Tech The tech giant has now filed a lawsuit in the New York federal court against the crooks behind BadBox. Some of the known devices that have been infected include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. Urgent warning to delete 2 dangerous apps that STEAL all photos & blackmail you It's unclear if these are the only affected TV boxes. Though tablets and digital projectors with unknown model numbers are still reportedly affected. If you think you have purchased a cheap Android-powered set-top box - especially one mentioned above - it's important to check if it Google Play Protect-certified. Google Play Protect is Android's built-in malware and unwanted software protection, which the tech company has updated to automatically block BadBox-infected apps. "While these actions kept our users and partners safe," according to Google. "This lawsuit enables us to further dismantle the criminal operation behind the botnet, cutting off their ability to commit more crime and fraud." The FBI has also issued an alert about the BadBox malware campaign , saying there may be more gadgets affected. "Cyber criminals gain unauthorised access to home networks through compromised IoT (internet of things) devices," the FBI wrote in an WHAT TO LOOK OUT FOR There are six signs that your digital gadgets may have been infected with BadBox 2.0 malware, according to the FBI: Possible indicators of BadBox 2.0 botnet activity include: The presence of suspicious marketplaces where apps are downloaded. Requiring Google Play protect settings to be disabled. Generic TV streaming devices advertised as unlocked or capable of accessing free content. IoT devices advertised from unrecognizable brands. Android devices that are not Play Protect certified. Unexplained or suspicious Internet traffic. Image credit: Getty


Scottish Sun
21-07-2025
- Scottish Sun
Over 10 million Android users told to turn off devices after Google exposes ‘infection' – exact list of models affected
The tech giant has now filed a lawsuit in the New York federal court against the crooks behind BadBox BIG SWITCH-OFF Over 10 million Android users told to turn off devices after Google exposes 'infection' – exact list of models affected HOUSEHOLDS have been warned against buying cheap gadgets online that may come pre-installed with dangerous malware. As many as 10 million devices have been affected, according to a recent security warning from Google. Advertisement 3 BadBox targets Android devices and has been found inside 24 apps on the Google Play Store, security researchers at MalwareBytes have said Credit: Android TV 3 Cyber criminals gain access either by installing malicious software prior to the users purchase, or infecting the device as it downloads required applications during the set-up process Credit: Getty TV set-top boxes, tablets and digital projectors being made in China have been found to be either susceptible to a malware known as BadBox 2.0, or have it already downloaded by the time it is shipped. BadBox targets Android devices and has been found inside 24 apps on the Google Play Store, security researchers at MalwareBytes have said. While those apps, and several BadBox servers, were removed as of March 2025, it remains one of the biggest malware threats to internet-connected TVs. The minute consumers set up the device, they open up a backdoor for criminals to access other devices in their home network. Advertisement Cyber criminals gain access either by installing malicious software prior to the users purchase, or infecting the device as it downloads required applications during the set-up process. Badbox can run advertising fraud, as well as more worrying attacks, such as ransomware, where users are often asked to pay a fee to stop data being leaked. In its security warning, Google wrote: "The BadBox 2.0 botnet compromised over 10 million uncertified devices running Android's open-source software (Android Open Source Project), which lacks Google's security protections. 3 The FBI has also issued an alert about the BadBox malware campaign, saying there may be more gadgets affected - including car infotainment systems Credit: Mercedes-Benz AG Advertisement "Cyber criminals infected these devices with preinstalled malware and exploited them to conduct large-scale ad fraud and other digital crimes." The tech giant has now filed a lawsuit in the New York federal court against the crooks behind BadBox. Some of the known devices that have been infected include Android TV boxes with model numbers X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. Urgent warning to delete 2 dangerous apps that STEAL all photos & blackmail you It's unclear if these are the only affected TV boxes. Advertisement Though tablets and digital projectors with unknown model numbers are still reportedly affected. If you think you have purchased a cheap Android-powered set-top box - especially one mentioned above - it's important to check if it Google Play Protect-certified. Google Play Protect is Android's built-in malware and unwanted software protection, which the tech company has updated to automatically block BadBox-infected apps. "While these actions kept our users and partners safe," according to Google. "This lawsuit enables us to further dismantle the criminal operation behind the botnet, cutting off their ability to commit more crime and fraud." Advertisement The FBI has also issued an alert about the BadBox malware campaign, saying there may be more gadgets affected. "Cyber criminals gain unauthorised access to home networks through compromised IoT (internet of things) devices," the FBI wrote in an alert. "Such as TV streaming devices, digital projectors, aftermarket vehicle infotainment systems, digital picture frames and other products."