The Vo1d botnet malware specifically targets Android TV devices in several countries, including Brazil, South Africa, Indonesia, Argentina, and Thailand. As of February 2025, the botnet has grown significantly, reaching nearly 1.6 million active IP addresses. India's infection rate notably surged from less than 1% to over 18% within a month. Vo1d exhibits advanced stealth and encryption capabilities that hinder detection and analysis, making it a serious threat. The malware is believed to be delivered via compromised firmware, and its infrastructure may be rented by criminal actors for malicious activities.
Vo1d has evolved to enhance its stealth, resilience, and anti-detection capabilities, utilizing advanced encryption to secure communications and complicate analysis.
The rapid fluctuation in the botnet activity is likely due to its infrastructure being leased in specific regions to other criminal actors as part of a 'rental-return' cycle.
Collection
[
|
...
]