Google sues China-based operators over BadBox 2.0 Android botnet

Google has initiated legal action against the alleged operators of BadBox 2.0, a China-based botnet. The lawsuit states that the botnet has compromised over 10 million uncertified Android devices, including TV streaming boxes, tablets, and projectors, globally. Google accuses the group of orchestrating ad fraud and other cybercrimes, as per reports.

Google's complaint indicates that infected devices were primarily running open-source Android versions. Malware was either pre-installed or delivered through apps downloaded after purchase. Once compromised, devices reportedly became part of a botnet that generated ad traffic.

Google is seeking an injunction to block the operators and unspecified damages. The company also seeks legal authority to dismantle components of the BadBox infrastructure. Google Play Protect, its Android security service, has been updated to detect and block apps linked to the BadBox campaign.

The FBI is investigating and working to dismantle the botnet. A federal alert regarding BadBox 2.0 was issued last month. The original BadBox campaign was exposed in 2023 and partially disrupted in 2024.

In 2021, Google took action against Glupteba, a botnet that had infected over one million Windows machines.

Read More:Could Google's cookie delay usher in a post-Google ad era?