Google is taking hackers to court over a major Android fraud ring

What you need to know
- Google is suing hackers in China for hijacking over 10 million devices and building the sneaky BadBox 2.0 botnet.
- BadBox 2.0 was found on cheap Android streamers, tablets, and projectors—either preloaded with malware or infected during setup via sketchy apps.
- Google’s Play Protect now auto-blocks anything linked to BadBox 2.0, shutting the door on this botnet’s favorite tricks.

Google is going after unnamed individuals in China, claiming they hijacked over 10 million devices worldwide to build the BadBox 2.0 botnet, which was then used to run shady cyber schemes.
After reports from Human Security and Trend Micro exposed the BadBox 2.0 botnet, Google has confirmed it’s taking the culprits to court (via BleepingComputer). Filed in a New York federal court this week, Google’s lawsuit claims BadBox 2.0 infected uncertified devices—like budget streaming boxes, tablets, and projectors—by either slipping in malware before they shipped or sneaking it in through shady apps on open-source Android systems.
The infected devices were then used to carry out widespread ad fraud and other cybercrimes. On the bright side, Google’s Ad Traffic Quality team has upgraded Play Protect to automatically shut down any apps tied to BadBox 2.0.
Google’s lawsuit points to specific infected devices, including Android TV boxes like the X88 Pro 10, T95, MXQ Pro, and QPLOVE Q9. Human Security has shared a longer list for those curious.
Is your device on the list?
If you’re using one of those flagged devices, it’s a good idea to disconnect it immediately. According to Google, the BadBox malware hides in the background and silently fakes ad clicks without tipping you off.
The FBI has put out a public warning about the scope of this threat, saying hackers are using compromised TV streamers, projectors, car infotainment systems, and even digital photo frames to break into home networks. Most of these infected devices, the agency notes, were made in China.
Hackers are slipping into home networks in two main ways: by loading malware onto devices before they’re even sold, or by sneaking it in during setup through shady apps with hidden backdoors. When these infected IoT devices go online, they can be roped into the BadBox 2.0 botnet or used as residential proxies, both of which are often tied to sketchy online activity.
Ad fraud seems to be a major issue for Google here. The company says it’s stuck footing the bill for fake ad traffic while also pouring time and resources into tracking and shutting down the botnet. On top of that, Google claims the whole thing chips away at user trust, hurts its reputation, and cuts into profits.