208/68 Tuesday, June 10, 2025

The FBI has issued a warning about the widespread outbreak of BADBOX 2.0 malware, which is reportedly infecting millions of IoT devices globally. The affected devices, primarily manufactured in China, include smart TV boxes, projectors, and infotainment systems. Many of them are compromised either by malware preloaded during manufacturing or by setup apps that contain hidden backdoors. Once a compromised device is connected to a home network, it becomes part of the BADBOX 2.0 botnet, where it can be used for cyberattacks or sold as a residential proxy to mask the identity of malicious actors.
BADBOX 2.0 is a revamped version of the original BADBOX operation, which was reportedly shut down in 2024. The malware specifically targets Android-based devices, infecting them either through pre-installation or through malicious applications installed after purchase. Its main goal is to enable remote control of the infected devices, allowing attackers to pivot into other networks or hide their IP addresses to evade detection.
The FBI advises users to monitor their IoT devices for suspicious behavior, such as a device that installs apps from unverified sources, prompts the user to disable Google Play Protect, or generates unusual internet traffic. Consumers are also urged to avoid TV boxes that advertise access to free unlocked content and to be wary of unbranded or obscure manufacturers. Regular firmware updates and security patches are critical in protecting against infections like BADBOX 2.0, which continues to spread rapidly.