FBI Warning To 10 Million Android Users — Disconnect From Internet Now

In March, I reported that one of the largest botnets of its kind ever detected had impacted over a million Android devices. That massive attack was known as BadBox, but it has now been eclipsed by BadBox 2.0, with at least 10 million Android devices infected. Google has taken action to protect users as best it can, as well as launching legal action against the attackers, and the FBI has urged impacted users to disconnect their devices from the internet. Here’s what you need to know.

ForbesPassword Hack Warning As New Threat Jumps From Your Laptop To PhoneBy Davey Winder

The FBI, Google And Others Warn Of Android BadBox 2.0 Attacks

The FBI cybersecurity alert, I-060525-PSA, could not have been clearer: ongoing attacks are targeting everything from streaming devices, digital picture frames, third-party aftermarket automobile infotainment systems and other assorted home smart devices. The devices, all low-cost and uncertified, mostly originating in China, allow attackers to access your home network and beyond by, the FBI warned, “configuring the product with malicious software prior to the user’s purchase.” It has also been noted, however, that mandatory “software updates” during the installation process can also install a malicious backdoor.

Point Wild’s Threat Intelligence Lat61 Team reverse-engineered the BadBox 2 infection chain and, as a result, uncovered new indicators of compromise that have been shared with global Computer Emergency Response Teams, as well as law enforcement. “This Android-based malware is pre-installed in the firmware of low-cost IoT devices, smart TVs, TV boxes, tablets, before they even leave the factory,” Kiran Gaikwad from the LAT61 team said, “It silently turns them into residential proxy nodes for criminal operations like click fraud, credential stuffing, and covert command and control (C2) routing.”

Google, meanwhile, confirmed in a July 17 statement that it had “filed a lawsuit in New York federal court against the botnet’s perpetrators.” Google also said that it has “updated Google Play Protect, Android’s built-in malware and unwanted software protection, to automatically block BadBox-associated apps.”

ForbesNew Google Chrome Warning — Just 19 Days To Update BrowserBy Davey Winder

FBI Recommendations And Mitigations — Disconnect Devices From The Internet Now

The FBI has recommended that Android users should be on the lookout for a number of potential clues that your Chinese-manufactured smart device could be infected with BadBox 2.0 malware.

• Any requirement for Google Play Protect services to be disabled.
• Any streaming devices that are advertised as being fully unlocked or capable of delivering completely free content.
• Any devices that come from unrecognized brands.
• The use of unknown and unofficial app marketplaces, where software must be downloaded during setup.
• Any unexplained or suspicious internet traffic.

When it comes to mitigation, the advice is straightforward: users should “consider disconnecting suspicious devices from their networks,” the FBI said.

Enhance your driving experience with the P12 Pro 4K Mirror Dash Cam Smart Driving Assistant, featuring Front and Rear Cameras, Voice Control, Night Vision, and Parking Monitoring. With a 4.3/5-star rating from 2,070 reviews and over 1,000 units sold in the past month, it’s a top-rated choice for drivers. The dash cam comes with a 32GB Memory Card included, making it ready to use out of the box. Available now for just $119.99, plus a $20 coupon at checkout. Don’t miss out on this smart driving essential from Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!