Google has filed a lawsuit against the operators of a what is believed to be the largest smart TV botnet in the world — BadBox 2.0.
The company said in its complaint that this China-based botnet had compromised more than 10 million uncertified devices — including TV streaming boxes, tablets and projectors. Google said that cybercriminals pre-installed malware or used malicious apps to download malware on hardware that was running open-source Android software. These compromised devices were then used to conduct “large-scale ad fraud and other digital crimes.” In addition to the lawsuit, which is an injunction against the botnet’s operators as well as unspecified damages, Google said it has updated Google Play Protect to automatically block known apps associated with BadBox 2.0.
The FBI is also working to dismantle BadBox 2.0, with an alert about the operation issued last month. The original BadBox botnet campaign, which also primarily infiltrated Android operating systems, was identified in 2023 and disrupted in 2024.
Google has been a target for this type of cybercriminal activity before. In 2021, it disrupted Glupteba, which at the time was one of the largest botnets with about one million Windows PCs impacted.
Read the full complaint below: