Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Google has filed a lawsuit in New York federal court against the operators of the BadBox 2.0 botnet, marking a significant escalation in the tech giant\u2019s fight against cybercriminal networks.<\/p>\n
The malware campaign represents the largest known botnet of internet-connected television devices, compromising over 10 million uncertified Android devices<\/a> worldwide.<\/p>\n BadBox 2.0 emerged as a sophisticated threat targeting devices running Android\u2019s open-source software without Google\u2019s integrated security protections.<\/p>\n The malware operators exploited the vulnerability gap in uncertified devices, pre-installing malicious code that remained dormant until activation.<\/p>\n This strategic approach allowed cybercriminals to establish persistent access to millions of connected TVs and streaming devices<\/a> across global networks.<\/p>\n The botnet\u2019s primary attack vector involved manufacturing partnerships with device producers who unknowingly distributed compromised hardware.<\/p>\n Once deployed in consumer environments, the infected devices conducted large-scale ad fraud operations, generating illegitimate revenue streams while remaining largely undetected by users.<\/p>\n Google researchers identified<\/a> the malware\u2019s sophisticated evasion techniques, which included mimicking legitimate network traffic patterns and operating during low-usage periods.<\/p>\n Google analysts working alongside HUMAN Security and Trend Micro researchers noted the malware\u2019s advanced persistence mechanisms during their investigation.<\/p>\n The collaborative effort revealed BadBox 2.0\u2019s ability to maintain command-and-control communications through encrypted channels, making traditional network monitoring ineffective.<\/p>\n The malware\u2019s infection mechanism relies on firmware-level integration during the manufacturing process.<\/p>\n BadBox 2.0 embeds itself within the Android Open Source Project framework, establishing deep system-level access that survives factory resets.<\/p>\n The malware creates hidden service processes that communicate with remote servers, enabling operators to push additional payloads and update attack strategies<\/a> dynamically.<\/p>\n Google\u2019s Ad Traffic Quality team has since updated Google Play Protect to automatically identify and block BadBox-associated applications, while the FBI continues coordinating with international law enforcement agencies.<\/p>\n Boost detection, reduce alert fatigue, accelerate response; all with an interactive sandbox built for security teams ->\u00a0Try ANY.RUN Now<\/a><\/strong><\/p>\n The post Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nInfection Mechanism and Persistence Architecture<\/strong><\/h2>\n