In response to the escalating wave of cybersecurity threats, Google has filed a lawsuit against the operators behind BadBox 2.0—reportedly one of the world’s largest botnets leveraging smart TVs. The legal action not only exposes cybercriminal activities linked to China but also implicates over 10 million uncertified Android devices that have either been preloaded with malware or remotely infected, turning them into tools of digital fraud and ad-based deception.
According to court documents submitted by Google, the compromised devices include smart TV streaming boxes, tablets, and mini projectors—most of which are built on open-source versions of the Android operating system. These devices were either shipped with malicious software already installed or later tricked into downloading backdoors via counterfeit apps, effectively transforming them into zombie nodes used for orchestrated click fraud and large-scale ad scams.
In response to this attack, Google not only initiated legal proceedings but also upgraded Google Play Protect. The enhanced system is now capable of proactively blocking suspicious apps and download sources associated with BadBox 2.0. This defensive upgrade plays a vital role in halting the spread of malicious activity across additional devices in real time.
Meanwhile, the U.S. Federal Bureau of Investigation (FBI) has launched its own inquiry and last month issued an official advisory warning that the cyber operations involving BadBox 2.0 have reached the scale of transnational organized crime. The investigation has since expanded through international cooperation, with the aim of completely dismantling the botnet’s underlying infrastructure.
BadBox 2.0 is not a new phenomenon. Its predecessor, BadBox, was first identified in 2023, targeting the Android platform with similar tactics. Although its activities were temporarily disrupted in 2024, the botnet has now returned with more sophisticated evasion techniques and a broader, more alarming reach. The scale and infection volume evoke comparisons to the Glupteba botnet, which Google helped take down in 2021, an operation that involved over one million compromised Windows PCs.
For Google, combating botnets like BadBox 2.0 is not only a matter of user protection but a critical step in preserving the trust and stability of the entire Android ecosystem.