Google targets cybercriminals behind massive Android malware scheme
TL;DR Google is suing the creators of BadBox 2.0, a botnet that infected 10 million off-brand Android devices.
The malware often came pre-installed on cheap streaming boxes, tablets, and projectors, mostly made in China.
Infected devices were used for ad fraud and to hide other cybercriminals' activity behind your home network.
Before they even turned it on, the device was already infected. That's the reality for millions who unknowingly bought Android-powered devices hijacked by BadBox 2.0, a massive botnet that Google is now trying to shut down in court.
As detailed in a blog post, Google is filing a new lawsuit in New York against the group behind the operation. It says BadBox 2.0 is the largest known botnet targeting internet-connected TVs and other Android-based gadgets. According to the company, more than ten million devices were compromised.
These weren't high-end Android TVs or certified tablets. Think of off-brand streaming boxes, digital projectors, and low-cost tablets, mostly running Android Open Source Project, which lacks Google's built-in security protections. Many were sold under unfamiliar brand names, and in many cases, the malware was already baked in when buyers took them out of the box.
Robert Triggs / Android Authority
Once powered on and connected to the internet, the devices became part of a hidden network controlled by cybercriminals. Some were used to commit large-scale ad fraud, simulating fake ad clicks to steal money from advertisers. Others were sold off as part of 'residential proxy' services, allowing shady actors to route their traffic through real users' home networks and effectively hiding their tracks behind the unsuspecting user's IP address.
The botnet was uncovered through a joint investigation by Google, HUMAN Security, and Trend Micro. Google says its Ad Traffic Quality team spotted the activity early, blocking bad traffic and shutting down thousands of accounts trying to profit from the scheme. On your end, Google Play Protect now flags and blocks apps with BadBox behavior, even if they're sideloaded from outside the Play Store.
The FBI has also issued a public warning, urging people to check their connected devices for signs of tampering or strange behavior, especially if the hardware came from an unknown brand or required you to disable Google Play Protect during setup. The agency says most of the compromised gadgets were manufactured in China and sold with malware pre-installed, or infected shortly after setup via malicious apps from unofficial app stores.
By taking the case to court, Google hopes to target the people behind the scheme. While the company's protections contained the damage, it's another reminder that the real cost of a budget streaming box might not be just what you pay at checkout.
Got a tip? Talk to us! Email our staff at
Email our staff at news@androidauthority.com . You can stay anonymous or get credit for the info, it's your choice.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
21 minutes ago
- Yahoo
Ninth Wave Enables Banks to Monetize Open Finance Data Sharing
Ninth Wave's new Portal allows banks to monitor and measure data usage by fintechs and other third parties NEW YORK, August 14, 2025--(BUSINESS WIRE)--Ninth Wave, a leading provider of open finance connectivity solutions, announced the launch of its next-generation Ninth Wave Portal, used along with its open finance direct connection platform. The Portal closely monitors and measures all aspects of open finance data, giving financial institutions (FIs) full control over data sharing while providing deeper insights into security and usage patterns. The Portal will enable FIs to monetize data sharing if they choose, creating new revenue streams from open finance. Following reports that JPMorgan Chase plans to charge fintechs for access to customer banking account data, the entire banking industry is considering how to participate in this new revenue stream. To do that, FIs will need software capable of precisely measuring and controlling usage. Commenting on the news, George Anderson, founder and CEO of Ninth Wave, said: "We've always believed the future of finance is permissioned, embedded, and bank-led. As banks regain control over data sharing, Ninth Wave's Portal enables them to securely manage and monetize permissioned data through value-added services, unlocking new revenue streams." Measuring to MonetizeThe Ninth Wave Portal serves as the financial institution's window into their open finance ecosystem, removing guesswork and increasing transparency. By controlling data flows and protecting against threats, the FI remains central to customer trust – making sure all data interactions are securely integrated, permissioned, and compliant with privacy requirements. FIs can now spot business opportunities based on which third-party applications their customers use and accurately charge fintechs and other third-party users of their data. The Ninth Wave Portal's Analytics and Intelligence feature detects all data requests originating from external applications made on behalf of financial institutions' customers, and identifies the following: - Which applications are accessing data from the FI - Which fintech applications are accessing data through aggregator partnerships - What is the volume of requests per application - How many customers are taking advantage of the connectivity and who are they - What are the performance and uptime statistics for the open finance APIs Monitor to Manage SecurityThe Ninth Wave Portal's Fintech Registry™ feature allows FIs to manage risk across the fintech ecosystem by providing a complete view of who and how data is being shared. If the FI detects suspicious activity, they can quickly revoke access for a person, business, fintech application, or ecosystem partner. This is a vital tool for maintaining data security, privacy, and control to protect against financial threats. The Fintech Registry™ also offers additional functions to monitor fintech level entitlements at the customer level, ensuring all data exchanges between customers and fintechs are securely integrated and permissioned. For more information about The Portal, please visit the Ninth Wave website About Ninth WaveNinth Wave is the leading provider of secure data connectivity between financial institutions and third-party applications including aggregators, fintechs, accounting solutions, tax preparation software, and other consumer and business solutions. The company's platform powers direct connections for over 2,000 institutions and 120 million accounts, with seven of the top 10 U.S. banks and eight of the top 10 U.S. wealth managers among its current clients. Ninth Wave was founded in 2018, is privately held and headquartered in New York City. For more information, visit View source version on Contacts George Ravichgravich@
Yahoo
21 minutes ago
- Yahoo
Mizuho lifts price targets on global AI server stocks
-- Mizuho raised estimates and price targets for several global AI server and semiconductor names, citing 'strong May-July Taiwan AI Server ODM revenue,' significant hyperscaler ramps, and newly granted China licenses. The firm said Wistron's revenue jumped 59% quarter over quarter, with Wiwynn and Foxconn up 23%, which it called 'positive for JulQ NVDA and DELL.' Mizuho added that 'GB200/300 ramps in OctQ/JanQ (positive DELL, MU with HBM and CRDO) position NVDA for upside,' while China's license approvals could 'drive 300-500K+/yr of GPUs for AMD/NVDA in C26E.' The bank also pointed to 'near-term strong xAI, OCI and MSFT ramps,' with xAI potentially ramping Colossus2 to 350,000–1 million GPUs. OCI's Stargate project could lift its capital spending to $40 billion, while CRWV maintains $21 billion in 2025 outlays. Microsoft is 'ramping GB300/B300 strongly,' featuring 50% more high-bandwidth memory than the GB200 generation, a positive for Micron. Mizuho now expects hyperscaler capital expenditure to climb 54% year over year in 2025, versus a prior 38%, with Meta's 2026 spending projected up about 40% to $97 billion. AI accelerator shipments are forecast to reach 14 million units in 2026, up 24% from a year earlier, and AI server spending to hit $415 billion by 2029, growing at a 26% compound annual rate. The firm raised its price target for Nvidia to $205 from $192, AMD to $205 from $183, Dell to $160 from $150, and Credo to $135 from $112, while maintaining Micron estimates but noting continued benefits from 'strong HBM demand with HBM3e 12-Hi ramping well.' Related articles Mizuho lifts price targets on global AI server stocks Trump order relaxing commercial spaceflight rules boosts some space-related stocks Bumble stock tumbles after shareholders offer block at discount
Yahoo
21 minutes ago
- Yahoo
Viridi Confirms FEOC Compliance, Strengthening U.S. Energy Security
This Achievement Places Buffalo-Based Viridi Among a Select Group of Energy Storage Providers Whose Systems Are Both American-Made and Fully Eligible for Federal Incentives, Setting a New Benchmark for Safety and Compliance Under Evolving Clean Energy Standards BUFFALO, N.Y., Aug. 14, 2025 /PRNewswire/ -- Viridi, the industry leader in fail-safe battery energy storage systems (BESS), today announced that its products meet the current Foreign Entity of Concern (FEOC) requirements, as expanded under the One Big Beautiful Bill Act (OBBBA) to apply across multiple clean energy tax credits. This confirmation makes Viridi among one of the few BESS providers whose systems are both American-made and fully eligible for federal incentives—while strengthening the security and resilience of the nation's clean energy supply chain. Manufactured in Buffalo, New York, Viridi's proprietary fail-safe lithium-ion BESS features advanced anti-propagation technology that prevents thermal runaway from propagating between cells, setting a new benchmark for safety in commercial-scale storage. This unique design enables installation in an indoor environment–including existing, occupied buildings–where traditional lithium-ion systems cannot safely operate. Viridi's product portfolio already meets the Material Assistance Cost Ratio (MACR) threshold of 75% for 2030 and beyond, and complies with current FEOC sourcing rules, ensuring customers can capture full ITC benefits. "Our customers want safe, proven energy storage they can deploy today—without waiting for supply chains to catch up or worrying about compliance risks," said Jon M. Williams, CEO of Viridi. "By manufacturing in the U.S. with a fully traceable, FEOC compliant supply chain, we're delivering zero-emissions power that developers, building owners, and critical infrastructure operators can trust—backed by the incentives that make projects possible." Viridi's compliance stems from a combination of domestic manufacturing, rigorous supplier vetting, ownership verification, and certification processes. "Compliance isn't just a box to check– it reflects the disciplined supply chain management and strategic U.S. based manufacturing we've practiced from the beginning," Williams added. "By manufacturing in the U.S. and embedding FEOC compliance into our operations, we've eliminated uncertainty for our customers and created a platform for safe, rapid deployment of clean energy projects nationwide." With units in stock and ready to ship, Viridi removes the bottlenecks that can otherwise slow clean energy projects. Whether powering microgrids, critical infrastructure, mobile operations, or commercial facilities, Viridi delivers scalable, zero-emissions energy—without import delays or compliance concerns. For more information, visit: About ViridiViridi is transforming energy storage with its proprietary fail-safe lithium-ion battery technology. Viridi's battery energy storage systems (BESS) feature breakthrough anti-propagation technology, preventing propagation and significantly reducing the risk of lithium-ion battery fires. Viridi's commercial-scale BESS is among the first and only to be installed in an existing, occupied building, setting a new benchmark for safety and reliability. Engineered for seamless integration into virtually any environment, the BESS combines advanced AI and connectivity to deliver unparalleled remote monitoring and energy optimization. Viridi enables clean, scalable energy solutions across industries, paving the way for a safer, more sustainable future. Learn more at: and follow Viridi on LinkedIn. Media Contact:Alexandra Pony399658@ View original content to download multimedia: SOURCE Viridi Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
