Google has launched a legal process on the Badbox 2.0 Botnet Group, which is said to be one of the biggest cyber threats targeting the Android ecosystem. This structure, which is based on China, seized more than 10 million unpaid Android devices in total. These devices include many different hardware, such as smart TV boxes, projection devices and tablets. Google’s case in the United States includes both the request for precautionary measures against operators and the request for financial compensation.
The Botnet network operates to the devices by directly presenting malicious software to the devices in a pre -installed way or by directing users to download malicious applications. The seized devices were used in many digital crimes, especially advertising fraud. This has both threatened individual user security and led to serious financial losses on advertising platforms. Moreover, most of these devices were working on open source android versions.
Google Play Protect System automatically started to prevent applications associated with Badbox 2.0
Google not only sued this cyber threat, not only sued, but also updated the Google Play Protect security system. The company has announced that it will automatically detect and prevent all known harmful applications associated with Badbox 2.0. Thus, an additional layer of security has been commissioned to protect users against new threats. In addition, Android device users were warned not to install applications from unreliable sources.
The FBI is also actively involved in the distribution of this operation. In an official declaration published last month, the Badbox 2.0 network was detected and attempts to collapse continued. In particular, such networks, which target Android devices, continue to be on the radar of cyber security institutions. Previously, similar structures were fought and various operations were carried out.
Activities related to the first version of Badbox were first identified in 2023. The first version of this network targeted Android -based devices and was partially distributed in 2024. However, the Badbox 2.0 is considered to have a much wider diameter and effective structure. The fact that this new version targets millions of devices increases the dimensions of the threat.
Google had previously faced a similar threat in 2021. The Botnet network, named Glupteba, seized about one million Windows devices. After this incident, the company increased technical measures and took legal steps. The Badbox 2.0 case is seen as a new example of Google’s determination in this direction.
Security experts point out that devices without manufacturer certificate are open to such threats. While these devices usually attract attention with their low cost, they have a large description in terms of security updates. However, the fact that users turn to such devices facilitates the growth of botnet networks. On the other hand, the software is open source, forms a suitable ground for malicious software manufacturers.
In this context, security updates by Google are precautions not only against the current threat, but also against future potential threats. It is important that users are more careful in this process, stay away from non -certified devices and prefer official application stores. In addition to all these, manufacturers are expected to adapt to the Android certification standards set by Google. Thus, a more robust safety structure can be created at both user and platform level.