Google is taking legal action against the creators of BadBox 2.0, a massive botnet that infected over 10 million devices. This botnet, targeting mostly uncertified Android devices, is the largest of its kind affecting IoT (Internet of Things) televisions.
BadBox 2.0: A Digital Criminal Enterprise
BadBox 2.0, a successor to a similar botnet taken down in 2023, uses backdoors in cheap consumer devices to install malware. This malware allows hackers to remotely control the infected devices, turning them into a powerful botnet capable of large-scale digital crimes. The hackers use various methods to infect devices, including compromised supply chains and seemingly harmless apps containing hidden malware.
The Crimes Committed
Once infected, devices become part of the botnet and can be used for various malicious activities, including:
- Ad fraud: Generating fake clicks and impressions to defraud advertisers.
- Click fraud: Inflating click counts on websites and ads.
- Residential proxy services: Masking the origin of online activity for nefarious purposes.
- Account takeovers: Gaining unauthorized access to online accounts.
- DDoS attacks: Overwhelming websites with traffic to knock them offline.
- Malware distribution: Spreading more malware to other devices.
- One-time password theft: Stealing codes used for account security.
Google’s Response
Google has already taken steps to block BadBox 2.0 applications and is now pursuing legal action to hold the perpetrators accountable. Importantly, Google notes that Android TV OS devices or those with Play Protect certification were not affected.