FBI Warns BADBOX 2.0 Botnet Infecting Millions of Smart Home Devices: How to Know If Your Device is Infected

A fresh malware scheme called BADBOX 2.0 is quietly compromising millions of smart home devices throughout the US, according to the FBI.

Your connected gadgets—everything from TV streaming boxes and digital projectors to tablets and car infotainment systems are being converted into covert cybercrime tools unbeknownst to their users.

What Is BADBOX 2.0 and How Does It Work?

FBI Warns BADBOX 2.0 Botnet Infecting Millions of Smart Home

According to Digital Trends, ADBOX 2.0 is not merely another buggy malware. After a device is hijacked, it is integrated into a home proxy network, enabling hackers to perform criminal activities such as ad fraud, data scraping, and so on, all via your own IP address. Targets suffer no apparent symptoms, making this activity all the more sinister.

"This is all completely unbeknownst to the poor users that have bought this device just to watch Netflix or whatever," Gavin Reid, chief information security officer at cybersecurity firm Human Security, told Wired.

Which Devices Contain BADBOX 2.0?

The FBI cautions that most compromised devices have several characteristics in common, including TV streaming boxes, aftermarket, auto infotainment systems, digital projectors, and even digital photo frames.

It should be noted that these devices are usually produced in China and branded with generic, unrecognizable names. Others, such as those in the "TV98" and "X96" Android device lines, are even marked as "Amazon's Choice" when they are actually infected.

Security researchers estimate more than 1 million active infections, with several million more devices compromised.

How BADBOX 2.0 Infection Attacks Your Devices

There are two main ways your smart home device may become infected:

Pre-Installed Malware

Some devices are compromised even before they reach your house, infected during manufacturing or distribution.

Malicious App Downloads

During the initial setup process, users will be encouraged to download apps from unauthorized third-party app stores, creating an entry point for malware installation.

This is a departure from the initial BADBOX campaign, which primarily focused on compromising devices at the firmware level. BADBOX 2.0 is more stealthy and propels itself faster through software deception and fake apps.

Warning Signs Your Device Could Be Infected

While your smart home device is functional, you might watch out for these signs of botnet infection.

1. Your device prompts you to turn off Google Play Protect.
2. The brand is unknown or unrecognized.
3. It says it's "unlocked" or that it provides free streaming services.
4. You're told to download from unofficial app stores.
5. You see unusual internet activity on your home network.

How to Secure Your Home Network

To protect against BADBOX 2.0, the FBI advises:

1. Avoid third-party app stores. Use Google Play or Apple's App Store.
2. Don't buy cheap, unbranded devices. They can end up costing you more in the long term.
3. Watch your network for unusual data surges or unknown devices.
4. Update firmware regularly on all devices and your router.

If you think your house is hacked, shut down the device right away and report it to the FBI by clicking here. Make sure to follow these steps to avoid further infection of your other devices.