FBI & Google Warn: Unsafe Smart Devices
- The FBI, along with major tech companies like Google, issued a warning about cybercriminals exploiting vulnerabilities in smart devices connected to home networks.
- The threat centers around the BADBOX 2.0 botnet, which targets generic brand devices, often manufactured in China.
- Whether the malicious software is present at purchase or downloaded later, the result is the same: infected devices become part of the BADBOX 2.0 botnet.
FBI Warns of Smart Device Cyberattacks via BADBOX Botnet
The FBI, along with major tech companies like Google, issued a warning about cybercriminals exploiting vulnerabilities in smart devices connected to home networks. These actors are gaining unauthorized access using malicious software, either pre-installed or downloaded after the device connects.
The threat centers around the BADBOX 2.0 botnet, which targets generic brand devices, often manufactured in China. The FBI said the affected devices include TV streaming devices, digital projectors, aftermarket vehicle infotainment systems, and digital picture frames.

Whether the malicious software is present at purchase or downloaded later, the result is the same: infected devices become part of the BADBOX 2.0 botnet. This network is then used for malicious activity, offering compromised home networks for various criminal purposes.
The BADBOX 2.0 botnet impacts devices running generic Android operating systems. Even secure devices can be compromised by downloading apps from unofficial marketplaces, similar to how Android smartphones can be infected. The botnet consists of millions of infected devices and provides backdoors to proxy services, which cybercriminals exploit.
The FBI, Google, and security vendors advise the public to inspect their IoT devices for signs of compromise and consider disconnecting any suspicious devices. This includes devices that request disabling Google Play Protect during setup or exhibit unusual internet traffic.
The advisory recommends that homeowners with generic smart devices monitor their internet usage for high-volume traffic that seems inconsistent with normal activity. They should also ensure all devices are updated and avoid using third-party marketplaces. Prioritizing patching firewall vulnerabilities and known exploits in internet-facing systems is also crucial.
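One way to act on the traffic-monitoring advice, shown as an added example that is not part of the FBI advisory or any vendor tool: compare each device's latest daily volume against its own history and flag outliers. The device names, byte counts, thresholds and the relay-ratio heuristic are all assumptions made for illustration.

```python
from statistics import median

# Constructed sample: per-device daily (bytes_down, bytes_up) totals as a home
# router might export them. The last tuple is the most recent day.
SAMPLE = {
    "living-room-tv-box": [(4.1e9, 0.09e9), (3.8e9, 0.08e9), (4.4e9, 0.10e9),
                           (3.9e9, 0.09e9), (4.0e9, 3.6e9)],
    "picture-frame":      [(40e6, 2e6), (35e6, 2e6), (42e6, 3e6),
                           (38e6, 2e6), (41e6, 2e6)],
    "projector":          [(1.2e9, 30e6), (0.0, 0.0), (1.5e9, 35e6),
                           (1.1e9, 28e6), (6.0e9, 45e6)],
}

def mad_threshold(values, k=6.0):
    """Robust upper bound: median + k * median absolute deviation."""
    m = median(values)
    mad = median(abs(v - m) for v in values)
    # Floor the spread so a very flat history does not flag tiny changes.
    return m + k * max(mad, 0.1 * m, 1e6)

def review_device(history, k=6.0, relay_ratio=0.5, min_up=100e6):
    """Return reasons the latest day looks inconsistent with earlier days."""
    *baseline, (down, up) = history
    reasons = []
    if up > mad_threshold([u for _, u in baseline], k):
        reasons.append("upload volume far above this device's baseline")
    if down > mad_threshold([d for d, _ in baseline], k):
        reasons.append("download volume far above this device's baseline")
    # Assumed heuristic: a device relaying traffic for others sends roughly
    # as much as it receives, unlike a streaming box or picture frame.
    if down > 0 and up >= min_up and up / down >= relay_ratio:
        reasons.append("upload/download ratio looks like relayed traffic")
    return reasons

def flag_devices(devices):
    """Map device name -> reasons, only for devices with at least one reason."""
    flagged = {}
    for name, history in devices.items():
        reasons = review_device(history)
        if reasons:
            flagged[name] = reasons
    return flagged

if __name__ == "__main__":
    for name, reasons in flag_devices(SAMPLE).items():
        print(f"{name}: " + "; ".join(reasons))
```

A download-only spike, like the projector's, usually means a heavy viewing day; a jump in upload combined with a near-symmetric ratio is the pattern worth investigating first.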
Human Security, a security vendor involved in the warning, reports that infected devices can also attack other users on the home network. This includes malware distribution, one-time password interception, and creating fake accounts. These attacks often target low-cost, off-brand Android devices with backdoors.
What’s next
Consumers should exercise caution when buying and connecting generic IoT devices, paying close attention to the manufacturers and checking reviews. Disabling security protections or installing apps from unofficial stores should be avoided. If a device exhibits suspicious behavior, it should be disconnected promptly. Regularly assessing the number of such devices in the home is also recommended to mitigate potential risks from cyberattacks and the BADBOX 2.0 botnet.
