Google has increased its fight against cyber threats by initiating a lawsuit against the operators of BadBox 2.0. According to a recent company announcement, Google described the firm as the largest botnet targeting internet-connected televisions.
In its blog post, Google mentioned that its researchers, in a collaborative effort with cybersecurity firm HUMAN Security and Trend Micro, uncovered the sophisticated network that has infected over 10 million Android devices worldwide. These devices include cheap IoT gadgets like streaming boxes, tablets, and projectors.
The post mentioned that these devices are often sold under obscure brands and are hijacked by pre-installing malicious apps to perpetrate ad fraud and proxy services, like generating fake traffic that deceives advertising platforms.
Google drags operators of BadBox 2.0 to court
The lawsuit was filed in a United States federal court, invoking the Racketeer Influenced and Corrupt Organizations (RICO) Act. The company accused 25 Chinese individuals, whose identities remain unknown, of carrying out a global scheme that damages the reputation and finances of Google. By altering user interactions, the botnet increases ad impressions and clicks, stealing revenue from real advertisers and publishers.
This is not Google’s first experience with this sort of issue, as the company had already disrupted the first BadBox operation. The BadBox 2.0 represents an evolved threat with new capabilities and evasion tactics, including the use of presidential proxies to mask fraudulent activities. BadBox 2.0 takes advantage of the vulnerabilities in uncertified Android devices, which lack the sophisticated security checks of Google’s ecosystem.
Once a device is infected, it joins a host of other devices on the network, exhibiting human behaviors like viewing ads, clicking links, and even routing traffic for illegal purposes such as bypassing geoblocks or launching distributed denial-of-service attacks.
A report from BleepingComputer revealed that the botnet operators have amassed wealth by selling access to this proxy network in underground markets, turning everyday consumer electronics into tools for cybercrime.
The persistence of BadBox shows deeper challenges
According to reports, the scale is big, with over 10 million devices from more than 200 countries, as detailed by Google in its announcement, making it one of the most pervasive botnets in recent history. This is quite bigger than the previous Glupteba threat that was targeted by Google in a 2021 lawsuit for infecting Windows machines through blockchain-protected malware.
Industry analysts mentioned that BadBox 2.0’s focus on IoT shows a growing blind spot in cybersecurity, where low-cost items from unregulated manufacturers are vulnerable to exploits.
Google, in its legal action, seeks to dismantle the botnet and also to recover damages and impose penalties that would deter similar operations. By naming specific application sideloading and firmware manipulation, the suit shows the need for stronger supply chain security in the Android ecosystem.
According to reports, the company has already initiated technical measures to address this, such as removing 24 malicious apps from the Google Play Store and silencing command-and-control servers, which dropped the botnet activity by half earlier this year.
Google’s move is also in line with broader industry trends. Microsoft’s attempt to take down botnets like Trickbot shows a move towards proactive litigation as a weapon against cyber syndicates.
For consumers, the revelation shows the implications of purchasing unverified gadgets, which could unknowingly contribute to fraud or expose personal data.
Google’s announcement also shows its ongoing monitoring through its Threat Analysis Group. However, analysts at HUMAN Security have warned that threats like BadBox 2.0 require collaborative defenses across the tech sector. Also, the lawsuit could be a precedent to hold foreign actors accountable under United States law, influencing how companies combat global crimes.
Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now
