CISO who helped unmask Badbox warns: Version 3 is coming
Briefly

Badbox 2.0 is a prominent botnet targeting smart TV boxes and connected devices, re-emerging more powerful after previous disruptions. Initially identified in 2022, it infects devices through pre-installed malware and shady app installs, primarily targeting affordable devices from China. Recent security efforts by Human Security and collaborations with the FBI have led to significant progress, including the seizure of command-and-control servers. However, cybercriminals continue exploiting uncertified Android devices, prompting warnings from authorities and indicating a persistent threat, with expectations that a Badbox 3 may soon emerge.
"We continue to try and shut them off wherever we can - that hasn't stopped." Human Security CISO Gavin Reid reflects on disruption efforts against the Badbox botnet.
"Badbox 2.0 infects devices both before and after sale, either baked into the firmware or delivered via shady app installs." This highlights the sophisticated tactics used.
"The FBI issued a Public Service Announcement warning consumers that cybercriminals continue to exploit these uncertified Android devices to expand the Badbox 2.0 botnet." This emphasizes ongoing threats.
"Every couple of years people buy new devices, and we expect there will be a Badbox 3 - we're following up on a number of different leads."
Read at The Register