Google has increased its fight against cyber threats by initiating a lawsuit against the operators of BadBox 2.0. According to a recent company announcement, Google described the firm as the largest botnet targeting internet-connected televisions.
In its blog post, Google mentioned that its researchers, in a collaborative effort with cybersecurity firm HUMAN Security and Trend Micro, uncovered the sophisticated network that has infected over 10 million Android devices worldwide. These devices include cheap IoT gadgets like streaming boxes, tablets, and projectors.
The post mentioned that these devices are often sold under obscure brands and are hijacked by pre-installing malicious apps to perpetrate ad fraud and proxy services, like generating fake traffic that deceives advertising platforms.
Google drags operators of BadBox 2.0 to court
The lawsuit was filed in a United States federal court, invoking the Racketeer Influenced and Corrupt Organizations (RICO) Act. The company accused 25 Chinese individuals, whose identities remain unknown, of carrying out a global scheme that damages the reputation and finances of Google. By altering user interactions, the botnet increases ad impressions and clicks, stealing revenue from real advertisers and publishers.
This is not Google’s first experience with this sort of issue, as the company had already disrupted the first BadBox operation. The BadBox 2.0 represents an evolved threat with new capabilities and evasion tactics, including the use of presidential proxies to mask fraudulent activities. BadBox 2.0 takes advantage of the vulnerabilities in uncertified Android devices, which lack the sophisticated security checks of Google’s ecosystem.
Once a device is infected, it joins a host of other devices on the network, exhibiting human behaviors like viewing ads, clicking links, and even routing traffic for illegal purposes such as bypassing geoblocks or launching distributed denial-of-service attacks.
A report from BleepingComputer revealed that the botnet operators have amassed wealth by selling access to this proxy network in underground markets, turning everyday consumer electronics into tools for cybercrime.
The persistence of BadBox shows deeper challenges
According to reports, the scale is big, with over 10 million devices from more than 200 countries, as detailed by Google in its announcement, making it one of the most pervasive botnets in recent history. This is quite bigger than the previous Glupteba threat that was targeted by Google in a 2021 lawsuit for infecting Windows machines through blockchain-protected malware.
Industry analysts mentioned that BadBox 2.0’s focus on IoT shows a growing blind spot in cybersecurity, where low-cost items from unregulated manufacturers are vulnerable to exploits.
Google, in its legal action, seeks to dismantle the botnet and also to recover damages and impose penalties that would deter similar operations. By naming specific application sideloading and firmware manipulation, the suit shows the need for stronger supply chain security in the Android ecosystem.
According to reports, the company has already initiated technical measures to address this, such as removing 24 malicious apps from the Google Play Store and silencing command-and-control servers, which dropped the botnet activity by half earlier this year.
Google’s move is also in line with broader industry trends. Microsoft’s attempt to take down botnets like Trickbot shows a move towards proactive litigation as a weapon against cyber syndicates.
For consumers, the revelation shows the implications of purchasing unverified gadgets, which could unknowingly contribute to fraud or expose personal data.
Google’s announcement also shows its ongoing monitoring through its Threat Analysis Group. However, analysts at HUMAN Security have warned that threats like BadBox 2.0 require collaborative defenses across the tech sector. Also, the lawsuit could be a precedent to hold foreign actors accountable under United States law, influencing how companies combat global crimes.
Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now
Earn more PRC tokens by sharing this post. Copy and paste the URL below and share to friends, when they click and visit Parrot Coin website you earn: https://parrotcoin.net0
PRC Comment Policy
Your comments MUST BE constructive with vivid and clear suggestion relating to the post.
Your comments MUST NOT be less than 5 words.
Do NOT in any way copy/duplicate or transmit another members comment and paste to earn. Members who indulge themselves copying and duplicating comments, their earnings would be wiped out totally as a warning and Account deactivated if the user continue the act.
Parrot Coin does not pay for exclamatory comments Such as hahaha, nice one, wow, congrats, lmao, lol, etc are strictly forbidden and disallowed. Kindly adhere to this rule.
Constructive REPLY to comments is allowed