Валентин Шнайдер Hot News 18 July 2025, 16:49

Google sues 25 Chinese companies over BADBOX 2.0 botnet that infected over 10 million Android devices

The tech giant accuses groups linked to the botnet of massive cyberattacks, ad fraud and the creation of fake apps.

Google has filed a lawsuit in federal court in New York against 25 individuals and organizations from China suspected of organizing the BADBOX 2.0 botnet. According to The Hacker News, the attackers infected more than 10 million devices based on the Android Open Source Project, which does not have Google’s built-in protection mechanisms.

Google notes that IoT devices, including set-top boxes, car multimedia systems, and digital photo frames, were pre-installed with malware or infected when they first loaded applications, allowing cybercriminals to create a large network of infected devices for fraudulent schemes, including click fraud.

The lawsuit states that BADBOX consists of several groups: one manages the command-and-control server infrastructure, another creates backdoors, and the Evil Twin and Ad Games groups are responsible for fake apps and games to load hidden ads. The scheme allowed the attackers to earn money through Google Ads by simulating ad views and clicks.

The court has already issued a preliminary injunction, ordering the scheme’s participants to immediately shut down the botnet and instructing ISPs and domain registrars to help block the traffic. Google has also updated its Play Protect system to block BADBOX-related apps.

The first version of BADBOX was discovered in 2022, and the current attack is the largest involving CTV devices. The largest number of infections was recorded in Brazil, the United States, Mexico and Argentina. HUMAN Security experts called this lawsuit an important step in the fight against fraudulent botnets that steal resources and cause millions in losses to advertising networks.

As a reminder, our news feed also reported that Google disagrees with the court’s decision recognizing it as a monopoly in the search engine market and is already preparing to appeal. The company claims that the measures proposed by the US government will harm not only it, but also its users.