Wednesday , July 23 2025
BADBOX 2.0

Hackers infect 10M Androids with BADBOX 2.0

infosecbulletin 3 days ago Cyber Attack

Google is suing 25 unidentified cybercriminals thought to be from China for running BADBOX 2.0, a major global botnet with 10 million hacked devices. BADBOX uses internet-connected Android devices like smart TVs, streamers, digital frames, car systems, projectors, and inexpensive off-brand tablets made in China and sold worldwide.

It has infected over 10 million uncertified devices that use Android software but do not have Google’s security. On July 11th, Google sued a group called “Does 1-25” for causing serious harm.

UK to ban public sector from paying ransomware gangs

By infosecbulletin / Wednesday , July 23 2025
The UK government plans to ban public sector and critical infrastructure organizations from paying ransomware ransoms. The proposed legislation would...
Read More
UK to ban public sector from paying ransomware gangs

(CVE-2025-6704, CVE-2025-7624)
Urgent Sophos Firewall Update: Two Critical RCE Flaws Patched

By infosecbulletin / Tuesday , July 22 2025
Sophos has released a security advisory addressing five vulnerabilities in Sophos Firewall, two of which are critical and could enable...
Read More
(CVE-2025-6704, CVE-2025-7624) Urgent Sophos Firewall Update: Two Critical RCE Flaws Patched

Dell admits breach of test lab platform by World Leaks extortion group

By infosecbulletin / Monday , July 21 2025
A newly rebranded extortion gang known as "World Leaks" breached one of Dell's product demonstration platforms earlier this month and...
Read More
Dell admits breach of test lab platform by World Leaks extortion group

Microsoft issues urgent patches for SharePoint RCE vulnerabilities

By infosecbulletin / Monday , July 21 2025
Microsoft issued urgent updates for two serious SharePoint security holes, identified as CVE-2025-53770 and CVE-2025-53771, used in attacks known as...
Read More
Microsoft issues urgent patches for SharePoint RCE vulnerabilities

HPE alerts of hardcoded passwords in Aruba access points

By infosecbulletin / Sunday , July 20 2025
Hewlett-Packard Enterprise (HPE) warns that Aruba Instant On Access Points have hardcoded credentials, enabling attackers to skip normal authentication and...
Read More
HPE alerts of hardcoded passwords in Aruba access points

Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours

By infosecbulletin / Sunday , July 20 2025
The Akira ransomware group increased its attacks, adding 12 new victims to its dark web portal from July 15 to...
Read More
Akira Ransomware Allegedly Compromise 12 Companies in 72 Hours

Singapore urgently engage military force to tackle ‘serious’ cyberattack

By infosecbulletin / Saturday , July 19 2025
Defence Minister Chan Chun Sing said these select units will work with the Cyber Security Agency (CSA) in a united...
Read More
Singapore urgently engage military force to tackle ‘serious’ cyberattack

Hackers infect 10M Androids with BADBOX 2.0

By infosecbulletin / Saturday , July 19 2025
Google is suing 25 unidentified cybercriminals thought to be from China for running BADBOX 2.0, a major global botnet with...
Read More
Hackers infect 10M Androids with BADBOX 2.0

Oracle Patched 200 Vulns With July 2025 CPU

By infosecbulletin / Saturday , July 19 2025
Oracle's July 2025 Critical Patch Update includes 309 new security patches, with 127 addressing remotely exploitable vulnerabilities. SecurityWeek found about...
Read More
Oracle Patched 200 Vulns With July 2025 CPU

Ivanti Zero-Days Exploited to Drop MDifyLoader

By infosecbulletin / Saturday , July 19 2025
Cybersecurity researchers have revealed a new malware named MDifyLoader, linked to cyber attacks using security vulnerabilities in Ivanti Connect Secure...
Read More
Ivanti Zero-Days Exploited to Drop MDifyLoader

The lawsuit alleges that the group of cybercriminals tarnishes Google’s reputation when fraud occurs on its platforms, causing the company to expend substantial resources to detect, deter and disrupt BADBOX, which grows every day.

“Google has shown that Defendants – through their participation in, and operation of, the BadBox 2.0 Enterprise – have threatened the security of the internet, including Google platforms, by transmitting malware through the internet to configure, deploy, and operate a botnet,” the court document reads.

Cybercriminals sell access to hijacked devices to other criminals, who use them to conceal large-scale fraud and illegal activities.

“Google is entitled to recover treble damages plus costs and attorney’s fees from the Defendants,” the complaint reads.

Google announced in a blog post that it quickly responded to a threat and updated Google Play Protect to automatically block apps associated with BadBox. However, BADBOX comes preinstalled on the devices at the firmware level and cannot be easily removed. Full report here.

Check Also

Wing FTP 2000+ Servers Exposed Online: Actively Exploiting

Security researchers warn that hackers are exploiting a critical vulnerability in Wing FTP Server to …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin