Google has filed a lawsuit against the organizers of the BadBox 2.0 botnet, which infected more than 10 million Android devices with malware. The software was designed to defraud advertisers, create residential proxy networks, and commit other cybercrimes.
The lawsuit, filed earlier this week in New York federal court, alleges that 25 anonymous individuals from China used the BadBox 2.0 botnet and infected not only smartphones but also smart TVs, set-top boxes and AOSP-based devices.
The malware ran in the background on the devices, mimicking the behavior of a real user. The main actions highlighted were:
- hidden download of background ads using fake apps
- hidden launch of web browsers with sites connected to gambling and ads
- emulating clicks on real ads for clickbaiting
The compromised devices were not Google Play certified and thus bypassed Google’s standard security checks.
“Our Ad Traffic Quality Assurance team identified this threat and quickly took action. We updated Google Play Protect, Android’s built-in protection against malware and unwanted software, to automatically block BadBox-related apps,” Google said in a statement.
The company also noted that the software was introduced in several ways: via firmware pre-installed on devices that were then sold for a low price online, by installing apps from third-party sources, and via a command-and-control (C2) server that the device contacted when it first booted up.
BadBox 2.0 is an updated version of the BadBox botnet, which German law enforcement took down in 2024 by blocking its domains and control infrastructure. However, cybercriminals were able to revive the network.
Google emphasized the need for legal action against BadBox 2.0 to avoid new criminal incidents and preserve the image of the Android ecosystem.
“The lawsuit filed will allow us to dismantle the criminal group behind the botnet, preventing it from committing new crimes and frauds,” Google said.
In addition to filing the lawsuit, the company has also joined forces with the FBI to fight illegal botnet activity and protect consumers and businesses around the world.
- Official information about the lawsuit: Google blog
- Lawsuit: pdf
- Read more: Google news