The FBI issued a public warning last week about a massive cybercrime operation exploiting everyday internet-connected devices. The botnet, dubbed BADBOX 2.0, has quietly infiltrated millions of TV streaming boxes, digital projectors, tablets, car infotainment systems, and other smart gadgets commonly found in homes across the U.S.

What BADBOX 2.0 actually does

Once compromised, these devices don’t just underperform or crash; they secretly enlist your home internet connection into a residential proxy network. That means cybercriminals can hide behind your IP address to commit crimes like ad fraud, data scraping, and more. All of it happens behind the scenes, without the victim’s knowledge.

“This is all completely unbeknownst to the poor users that have bought this device just to watch Netflix or whatever,” said Gavin Reid, chief information security officer at cybersecurity firm Human Security, in an interview with Wired.

What devices are affected?

According to the FBI, BADBOX 2.0 has infected:

Most of these devices are manufactured in China and marketed under generic or unrecognizable brand names. Security researchers estimate at least 1 million active infections globally, with the botnet potentially encompassing several million devices overall. The worst offenders belong to the “TV98” and “X96” families of Android-based devices, both of which are currently available for purchase on Amazon. In the example below, one of the potentially problematic devices is advertised as “Amazon’s Choice.”

How the infection happens

There are two primary sources for infection:

This marks an evolution from the original BADBOX campaign, which relied primarily on firmware-level infections. The new version is more nimble, using software tricks and fake apps to broaden its reach.

How to tell if your device is infected

Here are the red flags to watch for:

How to protect your home network

To stay safe, the FBI recommends the following precautions:

If you suspect a device on your network may be infected, disconnect it immediately and consider filing a report with the FBI at www.ic3.gov.

Be skeptical of bargain gadgets

If it seems too good to be true, it probably is. Fyodor Yarochkin, a senior threat researcher at Trend Micro, said it best: “There is no free cheese unless the cheese is in a mousetrap.”
