FBI warns over 1 million Android devices hijacked by malware

Fox News ^ | 6/12/25 | Kurt Knutsson

[Libloather]

Everything that connects to the internet can be hacked by malware.

This includes your phones (both Android and iPhones) and laptops (whether Windows, Mac or even lesser-known systems like Linux). Devices like your Wi-Fi router and security cameras aren’t safe either.

But who would have thought hackers are now targeting your smart TVs, streaming boxes, projectors and tablets, too? That’s right, the FBI warns that bad actors have hijacked over a million of these devices with malware, turning them into unwitting participants in a global cybercrime network.

The FBI is warning that more than a million smart TVs, streaming boxes, projectors and tablets have been infected by a massive malware operation called BadBox 2.0. The malware turns home electronics into participants in a global network of cybercrime, often before the user even powers them on.

In a statement, the FBI says BadBox 2.0 is commonly found on cheap Android-based devices manufactured in mainland China. These include uncertified tablets, connected TV boxes and other Internet of Things hardware. Many of the infected devices ship with the malware preinstalled. Others are compromised during setup, often through malicious firmware updates or sideloaded apps from unofficial marketplaces.

Once infected, the devices connect to a command and control server, allowing hackers to reroute malicious traffic through home networks, load fraudulent ads in the background and carry out credential-stuffing attacks without the user knowing. Essentially, your smart TV could be quietly helping someone break into other people’s accounts.

The botnet is primarily used to turn infected devices into residential proxy nodes, providing hackers with anonymous access to real home IP addresses. That means your TV or projector might unknowingly be helping cybercriminals bypass security systems, commit ad fraud or brute-force online accounts while hiding behind your internet connection.

[Libloather]

Probably could make a mint being a hacker.

[willk]

Freaking China is so down right evil.

[Salvavida]

If I were Trump, nothing electronic is imported from China. Period.

[LegendHasIt]

Android itself is malware, As is anything put out by Google (or microsoft).

[TigersEye]

btrl

[Flaming Conservative]

Another great gift from China!

[TheBattman]

Yet the author doesn’t provide an example of iPhones being hijacked...

[BradyLS]

Furbies were the first warning. Now our gadgets and gizmos collect data, burble at each other, and phone home across the “internet of things.”

[jimtorr]

Are Furbies still a thing? I remember when they first hit the shelves, and immediately being banned from NSA spaces. People brought them to work, overheard classified things, and repeated them.

[FreedomPoster]

VLANs for your IoT devices are a thing. High on my priorities to implement in the next 6 months, following a move. IoT stuff really needs to have Internet access sharply limited, along with access to your trusted devices.

And this is why I don’t use my smart TV’s smarts, but ante up for AppleTV streaming devices. Yes, Apple has plenty of faults. But they’re a heckuva lot better than than Android on security and personal privacy.

[Adder]

Not sure where that leaves us, then.

Because Apple is a cult.

[Don@VB]

On a couple of occasions, the setup firmware from a new TV right out of the box directed me to phishing sites trying to get credit card info.

[montag813]

If you bought an Android tablet via AliExpress or on TikTok Shop, it probably has this.

[asinclair]

The problem isn't just compromised devices, it's uninformed and lazy owners. In my house, I have a number of "smart" devices. NONE OF THEM are connected to unfiltered Internet. It's tedious, but blocking access is not that hard:

• Check the network configuration in each device. I set network to "disable" if I have that option. If not, I set network, where possible, to "wired", and "forget" to connect the cord. For wireless only, I set the ID to "nothing".
• I have a firewall, built using Linux and locked down hard in both directions, so that outside connections to inside devices are blocked.
• All WiFi access points are inside the firewall. All others are shut down, confirmed regularly.
• My Android phone is accessible from the outside via cellular radio. The WiFi access is through the above-mentioned access points.

My home network has been "pen tested" -- this exposes any potential uncovered attack surface. Typical homes don't require this testing; my configuration is complex enough to require it.

Finally, I reboot my exposed devices regularly so memory-resident malware is purged.

[Vaduz]

Decoy comouter

Add malware

Add click here fo safe mode

leave on when sleeping

[LegendHasIt]

Linux.

I just wish Linux based phones were widely available. They are rare and long waiting lists at the few manufacturers.

[Glinda Whatsit]

Ping

[Glinda Whatsit]

Bookmark