Anything that connects to the Internet can be hacked by malware.
This includes mobile phones (both Android and iPhone) and laptops (whatever the system: Windows, Mac, or Linux). Devices such as Wi-Fi routers and security cameras are not safe either.
But who would have thought hackers were also targeting your smart TVs, streaming boxes, projectors and tablets? That's right: the FBI warns that bad actors have hijacked over a million of these devices with malware and turned them into unwitting participants in a global cybercrime network.
Remote control and smart TV (Kurt “Cyberguy” Knutsson)
FBI warning: Over 1 million smart devices infected with Badbox 2.0 malware
The FBI is warning that over a million smart TVs, streaming boxes, projectors and tablets are infected by a massive malware operation called Badbox 2.0. The malware often turns home electronics into participants in a global cybercrime network before users even power them on.
In a statement, the FBI says Badbox 2.0 is generally found on cheaper Android-based devices made in mainland China. These include uncertified tablets, connected TV boxes and other Internet of Things hardware. Many infected devices ship with the malware pre-installed. Others are compromised during setup, often through malicious firmware updates or apps sideloaded from unofficial markets.
Once infected, the device connects to a command-and-control server, allowing hackers to reroute malicious traffic through the home network, load malicious ads in the background, and carry out credential-stuffing attacks without the user knowing. Essentially, your smart TV could be quietly helping someone break into someone else's account.
The botnet is primarily used to turn infected devices into residential proxy nodes, giving hackers anonymous access to real home IP addresses. This means your television or projector may be unknowingly helping cybercriminals hide behind your internet connection while they bypass security systems, commit online advertising fraud and brute-force accounts.

People who have tablets (Kurt “Cyberguy” Knutsson)
Badbox Malware History: From TV Boxes to over 1 million infected devices
Badbox first appeared in common TV boxes such as the T95 in 2023. The original botnet was temporarily disrupted in Germany in 2024 when security researchers "sinkholed" the malware's command server. That knocked out part of the operation, but not for long. Just a week later, the malware reappeared on almost 200,000 devices, including more recognizable brands such as Hisense smartphones and Yandex TV.
By March 2025, Badbox had evolved into Badbox 2.0, with over 1 million active infections detected by Human's Satori Threat Intelligence team. The majority of the devices run uncertified Android Open Source Project builds. These are not official Android TV OS products and are not protected by Google Play Protect.
Researchers say the malware was discovered in 222 countries. A significant number of infections are concentrated in Brazil, followed by the US, Mexico and Argentina.
The FBI, in collaboration with Google, Trend Micro, Human, and The Shadowserver Foundation, recently disrupted communications between over 500,000 infected devices and their control servers. But the botnet continues to grow as more compromised products reach consumers who remain unaware.
Signs of infection include unfamiliar app marketplaces, disabled Play Protect settings, or devices advertised as unlocked or capable of free streaming. Many of these products come from unknown brands and are sold through unofficial sellers. If you recently purchased a budget Android TV box or projector, especially one that is not certified by Google, we recommend that you take a closer look.

Smart TV (Kurt “Cyberguy” Knutsson)
How to determine if your device is infected with Badbox 2.0
If you’re wondering whether your smart TV, streaming box, projector, or tablet is part of a Badbox 2.0 botnet, here are some warning signs and checks.
1. You purchased a low-cost Android-based device from an unknown brand: Devices sold online through third-party sellers or unknown brands are at higher risk, especially when advertised as "unlocked," "jailbroken," or as offering free streaming. Models such as the T95 box and other popular Android TV boxes are known carriers. Specifically, the following devices have been identified as being affected by Badbox malware:
Device Model: TV98, x96q_max_p, q96l2, x96q2, x96mini, s168, ums512_1h10_natv, x96_s400, x96mini_rp, tx3mini, hy-001, mx10pro, x96mini_plus1, longtv_7501e, Netbox_b68, x96q_pr01, av-m9, adt-3, ocbn, x96mate_plus, km1, x96q_pro, projector_t6p, x96qpro-tm, sp731e_1h10_native, m8sprow, tv008, x96mini_5g, q96mart_mart TVBox, Smart, KM9Pro, A15, TransPeed, KM7, ISINBOX, I96, SMART_TV, FUJICOM-SMARTTV, MXQ9PRO, MBOX, X96Q, ISINBOX, MBOX, R11, GameBox, KM6, X96Max_plus2, TV007, Q9 Stick, sp731e, X988, X988, txcz
2. Your device is not Google certified: If your Android device does not support Google Play Protect or does not show Play Protect certification in the Play Store settings, it may be running an uncertified version of Android. That's a big red flag. To check:
- Open the Google Play Store.
- Tap the profile icon > Settings > About.
- Look for Play Protect certification. If it says "Device not certified", that's a problem.
3. Suspicious behavior or strange apps: Look for unfamiliar apps you haven't installed, foreign characters, or alternative app stores on your device. Devices infected with Badbox often come preloaded with suspicious apps.
4. Google Play Protect is disabled: If Play Protect has been turned off without your knowledge or is missing entirely, the device may be vulnerable to compromise.
5. Your home internet behaves strangely: If your network is abnormally slow or your router shows that an unknown device is connected, one of your smart devices may have been hijacked and may be rerouting traffic as part of a residential proxy network.
6. The device comes with outdated or unofficial firmware: If your device does not receive software updates or has an odd update process, that is another potential sign that it is not legitimate or could be compromised.
8 Ways to Protect Your Device from Badbox 2.0 and Android Malware
Do you want to stay safe? Below are eight practical steps you can take to protect your smart device from Badbox 2.0 malware and other hidden Android threats.
1. Use strong antivirus software: Protecting your device starts with strong antivirus protection. Malware like Badbox 2.0 is often pre-installed on cheap, uncertified Android devices, so they are infected before they are ever turned on. A trusted antivirus app can help you detect hidden threats, block malicious traffic, and warn you of suspicious behavior that might otherwise go unnoticed.
2. Purchase only certified and reliable devices: Stick to devices certified by Google or other recognized platforms. Avoid generic or unbranded Android boxes, tablets and projectors, especially if they are advertised as unlocked or as offering free streaming. Cheap, uncertified devices are more likely to have malware pre-installed.
3. Avoid sideloading apps from unofficial sources: Do not install apps from third-party app stores or download APK files from unknown websites. These files can contain hidden malware. Use only official app stores, such as the Google Play Store, which scans apps for threats.
4. Check the device settings for tampering: Look for signs such as Google Play Protect being turned off, the presence of an unfamiliar app store, or suspicious apps running in the background. These are signs that your device may be compromised.
5. Monitor your network for unusual activity: If your internet suddenly slows down or you notice an unknown device on your Wi-Fi, investigate it. Use your router settings or a network monitoring app to track strange behavior or unauthorized connections.
6. Disconnect and replace any suspicious hardware: If your device is behaving strangely or was purchased from an untrusted source, unplug it from the network. Consider replacing it with a product from a reputable brand and a verified seller.
7. Update your device and apps: Install system and app updates regularly. Cheap devices don't always offer updates, but keeping your software up to date reduces risk. Choose a brand known for providing reliable security patches.
8. Protect your router and home network: A device is only as secure as the network it is connected to. Set a strong and unique password on your Wi-Fi router and update its firmware regularly. Disable remote access unless absolutely necessary and use WPA3 encryption when available. Consider using a password manager to generate and store complex passwords.
As Badbox 2.0 continues to evolve, protecting not only individual devices but the entire home network has become essential to staying one step ahead of cybercriminals.
Kurt's key takeaways
It's amazing how something as simple as a budget streaming box or projector can be quietly working for cybercriminals. As smart devices become part of almost everything we do, being a careful and informed consumer matters more than ever. Small steps like buying from trusted brands or avoiding unofficial downloads can make a huge difference in keeping your home and personal data safe.
With over 1 million devices infected, who should be held accountable: the manufacturer, the government, or the consumer? Let us know by writing to us at cyberguy.com/contact.
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.