FBI Warning To 10 Million Android Users — Disconnect From Internet Now
In March, I reported that one of the largest botnets of its kind ever detected had impacted over a million Android devices. That massive attack was known as BadBox, but it has now been eclipsed by BadBox 2.0, with at least 10 million Android devices infected. Google has taken action to protect users as best it can, as well as launching legal action against the attackers, and the FBI has urged impacted users to disconnect their devices from the internet. Here's what you need to know.
The FBI, Google And Others Warn Of Android BadBox 2.0 Attacks
The FBI cybersecurity alert, I-060525-PSA, could not have been clearer: ongoing attacks are targeting everything from streaming devices, digital picture frames, third-party aftermarket automobile infotainment systems and other assorted home smart devices. The devices, all low-cost and uncertified, mostly originating in China, allow attackers to access your home network and beyond by, the FBI warned, 'configuring the product with malicious software prior to the user's purchase.' It has also been noted, however, that mandatory 'software updates' during the installation process can also install a malicious backdoor.
Point Wild's Threat Intelligence Lat61 Team reverse-engineered the BadBox 2 infection chain and, as a result, uncovered new indicators of compromise that have been shared with global Computer Emergency Response Teams, as well as law enforcement. 'This Android-based malware is pre-installed in the firmware of low-cost IoT devices, smart TVs, TV boxes, tablets, before they even leave the factory,' Kiran Gaikwad from the LAT61 team said, 'It silently turns them into residential proxy nodes for criminal operations like click fraud, credential stuffing, and covert command and control (C2) routing.'
Google, meanwhile, confirmed in a July 17 statement that it had 'filed a lawsuit in New York federal court against the botnet's perpetrators.' Google also said that it has 'updated Google Play Protect, Android's built-in malware and unwanted software protection, to automatically block BadBox-associated apps.'
FBI Recommendations And Mitigations — Disconnect Devices From The Internet Now
The FBI has recommended that Android users should be on the lookout for a number of potential clues that your Chinese-manufactured smart device could be infected with BadBox 2.0 malware.
When it comes to mitigation, the advice is straightforward: users should 'consider disconnecting suspicious devices from their networks,' the FBI said.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
7 minutes ago
- Yahoo
Data breach at Allianz Life Insurance affects 1.4 million customers
Allianz Life Insurance Company of North America has announced a significant data breach impacting the personal information of a large portion of its 1.4 million customers. The Minneapolis-based company, a subsidiary of Allianz SE based in Munich, reported that the breach occurred on 16 July via a third-party cloud service. In a statement, Allianz Life indicated that a 'malicious threat actor' gained access to the external platform through social engineering, a method whereby attackers deceive individuals into revealing sensitive information or access credentials. 'The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life's customers, financial professionals and select Allianz Life employees,' the statement noted. While the specifics of the compromised data have not been detailed, such breaches typically involve personal details such as names, contact information, social security numbers and financial data. Notably, Allianz Life clarified that its internal systems were not affected. 'This incident was limited to a third-party cloud platform. Our systems remain secure,' a spokesperson for the company stated. In response to the incident, Allianz Life reported that it took immediate measures to contain the breach and has informed the FBI. The incident has also been reported to various authorities including the Office of the Maine Attorney General, as companies are mandated to disclose data breaches that impact residents of the state. According to a filing with the Maine Attorney General's office, Allianz became aware of the breach the day after it occurred and is providing affected individuals with 24 months of complementary credit monitoring and identity theft protection services. The breach is limited to Allianz Life's operations in the US and does not extend to other Allianz corporate entities worldwide. The company has informed the FBI about the incident and indicated that its ongoing investigation has found no evidence that its internal network or other systems including the policy administration system were compromised. In May this year, Allianz reported a net income of €2.42bn ($2.82bn) for the first quarter of 2025 (Q1 2025), a 2.1% decrease from €2.47bn in Q1 2024. However, the German insurer's operating profit increased by 6.3% to €4.2bn, up from €3.9bn the previous year. The property-casualty segment contributed €2.1bn with a 5% rise in operating profit, while the life/health segment saw a 7.5% increase to €1.4bn. "Data breach at Allianz Life Insurance affects 1.4 million customers" was originally created and published by Life Insurance International, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Digital Trends
8 minutes ago
- Digital Trends
Google's confirmed new Pixel phones, a watch and buds, now we've probably seen them too
What's happened? Google has a major launch event coming up on August 20, and it's already confirmed in its media invite that we'll see 'Pixel phones, watches, buds, and more.' And information on what to expect from the Made by Google event continues to flow, with the latest leak seemingly showing us all the devices. The latest images were posted to X by the reliable tipster @evleaks, in two separate threads of images. They appear to show the Google Pixel 10, Pixel 10 Pro, Pixel 10 XL and Pixel 10 Pro Fold smartphones, along with the Pixel Watch 4 and a new color for the Pixel Buds Pro 2. This is important because: As we edge closer to the Made by Google event, we're seeing numerous complimentary leaks from a variety of sources, suggesting this is what we'll see come August 20. We've already had color leaks for the Pixel 10 and Pixel 10 Pro handsets, with the former likely to offer bolder tones, while the latter devices look set to come in understated, premium hues. Even Google has given us an official glimpse of the Pixel 10, which adds a whole lot more weight to the latest leaks. Why should I care? Google's Pixel series of smartphones are one of the most important flagship offerings, going toe-to-toe with Apple's iPhones and Samsung's Galaxy devices. While the Pixel phones don't sell in the same volumes as iPhone and Galaxy S handsets, they are an important window into Google's software features, and set the tone for Android devices over the next 12 months. Pixel phones are a showcase for Android and Gemini, allowing Google to show the world what its platform and AI can do. They will give us a window into Google's latest software and AI features, and set the tone for Android for the next 12 months. Recommended Videos Okay, what's next? We're just over three weeks away from the Pixel 10 launch event when we'll learn exactly what Google has in store for us, and whether these plentiful leaks are accurate. Google will be keen to make a splash as it's likely Apple will swoop in to steal the limelight just a few weeks later with the iPhone 17 launch. Apple's launch might include the hotly anticipated iPhone Air to challenge the Galaxy S25 Edge, a fight Google isn't excepted to join this year.
CNET
8 minutes ago
- CNET
I Love an Old Pair of Shoes I Purchased Years Ago. I Asked AI to Find Me a Similar Style
Every woman can sympathize with this: You finally find jeans that make you feel good or a pair of heels that are both comfortable and stylish. And then, suddenly, it's out of season or style, and there's no way of finding that item again. But some styles are timeless, and you'll want to replace them when they've seen too many red wine spills or look a little weathered. The world of fashion moves faster than a Tinder swipe. Maybe artificial intelligence can help locate links to the original item sold elsewhere, or find a similar look. If AI can help find the best deals online, be used as a shopping assistant and even as a personal assistant, maybe it can help replace my gorgeous pair of heels that I can't find anywhere. With ChatGPT Search, I can upload a photo of my shoes, and it can search the internet for shopping links -- like a Google reverse image search on steroids. There's even specific AI shoe finder GPTs I could test out. (Disclosure: Ziff Davis, CNET's parent company, in April filed a lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.) Can ChatGPT magically find my favorite heels from a photo? The first step was to take a few photos of my beloved shoes from different angles, making sure to capture the brand name. I bought these shoes close to a decade ago, when I was still living in Australia. I made sure to snap any defining features and codes, like a sticker that miraculously stayed on the sole through just about every terrain -- grass, gravel, pavement and floorboards. Next, I opened up ChatGPT, logged in and uploaded four photos with this prompt: "This is an old pair of shoes I love. I want to replace them with either the same item or something similar. I'm a US size 8. The code on the sole is 8M/38½. Here are four photos of the heels." I made sure to select the Web Search button. ChatGPT / Screenshot by CNET It gave me some identifying information in order to help me direct my own Google search, but I wanted it to do it for me. The point was to save time using AI. ChatGPT / Screenshot by CNET I responded with this prompt: "Can you search the internet for links to the exact item?" ChatGPT sourced a bunch of links with resale items and suggested I set up an alert using specific terms like "Lucky Brand Bertel black suede 8M." While it didn't provide the specific product link, I liked being able to sort through the resale pages to see similar styles too. ChatGPT / Screenshot by CNET Before I get deep into online thrifting mode on eBay, I asked ChatGPT to find five new styles that are similar, either from Lucky Brand or the others mentioned. This was fun! I learned that this product is a block-heel suede look, which is helpful to know for whenever I need to do my own searches: ChatGPT / Screenshot by CNET ChatGPT / Screenshot by CNET My only critique so far is I'm not familiar with some of the stores ChatGPT provided links to. I wasn't sure if it was just pulling from eBay and unknown websites because it was trying to find resale items. ChatGPT / Screenshot by CNET So, I asked it to search sites that I'd usually buy shoes from, like DSW and Nordstrom. It came back with direct links to these websites with the search pre-populated as "Lucky Brand" or "women's block heel sandals." This saved me some searching time, taking me straight to things like this Nordstrom page: ChatGPT / Screenshot by CNET It suggested Marshalls/TJ Maxx, which I had forgotten in my previous prompt. I liked the recommendations it gave, such as a specific style for comfort or for a higher heel. It also provided tips on when these brands typically run sales. ChatGPT found me two heels I loved, but one was sold out: ChatGPT / Screenshot by CNET I found another two pairs of Lucky Brand finds from the links ChatGPT provided, only to discover they weren't even my size, even though I included that in my prompt: ChatGPT / Screenshot by CNET It was also interesting how the model didn't add any links from the Lucky Brand site itself, only third-party sellers. Always back up your ChatGPT activity with your own manual research. AI chatbots can be a handy tool to get fashion advice, outfit recommendations, product comparisons and insights about your personal style. However, for online shopping, you're better off going directly to the brands and sites you love. That's the fun part anyway.
