Yes, I am assuming IoT devices from China are ‘cheap’.
Look at this FBI IC3 headline:
Home Internet Connected Devices Facilitate Criminal Activity
Probably important to know: what does this botnet look like? The indicators listed are:
- The presence of suspicious marketplaces where apps are downloaded.
- Requiring Google Play protect settings to be disabled.
- Generic TV streaming devices advertised as unlocked or capable of accessing free content.
- IoT devices advertised from unrecognizable brands.
- Android devices that are not Play Protect certified.
- Unexplained or suspicious Internet traffic.
To me the above list screams cheap knockoffs from China.
Here are some mitigations:
The following mitigation strategies can be effective steps to minimize exposure to unauthorized residential proxy networks.
- Maintain awareness of, and monitor, Internet traffic on home networks.
- Assess all IoT devices connected to home networks for suspicious activity.
- Avoid downloading apps from unofficial marketplaces advertising free streaming content.
- Keep all operating systems, software, and firmware up to date. Timely patching is one of the most efficient and cost-effective steps to minimize exposure to cybersecurity threats. Prioritize patching firewall vulnerabilities and known exploited vulnerabilities in internet-facing systems.
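The first two mitigations (monitor home network traffic, assess IoT devices for suspicious activity) are easier to act on with a concrete check. The script below is an added example, not part of the FBI PSA or this post: it aggregates constructed per-flow records of the kind a home router or flow collector exports and flags devices whose traffic looks like relaying, i.e. many unrelated destinations and ports with uploads dwarfing downloads. The sample flows, device names and thresholds are all assumptions chosen for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample flow records: (device, destination IP, destination port,
# bytes sent by the device, bytes received by the device).
SAMPLE_FLOWS = [
    # A phone: a few well-known destinations, download-heavy.
    ("phone", "142.250.0.10", 443, 4_000, 900_000),
    ("phone", "142.250.0.10", 443, 3_000, 750_000),
    ("phone", "151.101.0.20", 443, 2_000, 300_000),
    # An off-brand streaming box: dozens of unrelated destinations on assorted
    # ports, with far more data leaving than arriving (relay-like shape).
    *[("tvbox", f"203.0.113.{i}", 8000 + i, 60_000, 5_000) for i in range(1, 41)],
    # A printer: one vendor endpoint, nearly idle.
    ("printer", "198.51.100.5", 443, 500, 2_000),
]

@dataclass
class DeviceProfile:
    distinct_dsts: int
    distinct_ports: int
    bytes_out: int
    bytes_in: int

def profile_devices(flows):
    """Aggregate flow records into one traffic profile per device."""
    dsts, ports = defaultdict(set), defaultdict(set)
    out, inn = defaultdict(int), defaultdict(int)
    for dev, dst, port, b_out, b_in in flows:
        dsts[dev].add(dst)
        ports[dev].add(port)
        out[dev] += b_out
        inn[dev] += b_in
    return {d: DeviceProfile(len(dsts[d]), len(ports[d]), out[d], inn[d]) for d in dsts}

def suspicious_devices(flows, min_dsts=25, min_ports=10, min_out_ratio=3.0):
    """Return devices matching relay-like behaviour. Thresholds are assumed
    starting points for a home network, not figures from any report."""
    flagged = []
    for dev, p in profile_devices(flows).items():
        ratio = p.bytes_out / max(p.bytes_in, 1)
        if p.distinct_dsts >= min_dsts and p.distinct_ports >= min_ports and ratio >= min_out_ratio:
            flagged.append(dev)
    return sorted(flagged)

if __name__ == "__main__":
    for dev, p in profile_devices(SAMPLE_FLOWS).items():
        print(f"{dev:8} dsts={p.distinct_dsts:3} ports={p.distinct_ports:3} "
              f"out={p.bytes_out:>9} in={p.bytes_in:>9}")
    print("flagged:", suspicious_devices(SAMPLE_FLOWS))
```

A flagged device is a prompt to look closer (what it is, where it was bought, whether it is Play Protect certified), not proof of infection; tune the thresholds to what is normal on your own network.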
The FBI PSA is not very specific about devices, since there are so many different kinds.
Asking an AI engine what is susceptible to BadBox 2.0 (after looking into multiple sources):
Based on the research reports, I'll provide a comprehensive list of systems and devices that are susceptible to Badbox 2.0 infection. Here's a detailed breakdown:
## Consumer Entertainment Devices

1. **TV Streaming Devices / Connected TV (CTV) Boxes**
   - Particularly vulnerable when they are low-cost or off-brand devices
   - Most commonly affected when not Play Protect certified
   - Often come with pre-installed malware during manufacturing
2. **Digital Projectors**
   - Especially those with internet connectivity features
   - Vulnerable to infection through their network connections
3. **Digital Picture Frames**
   - Internet-connected models that can download and display images
   - Particularly susceptible when from less reputable manufacturers

## Mobile and Smart Devices

1. **Android Devices**
   - Particularly those manufactured and shipped from China
   - Devices that are not Google Play Protect certified
   - Specifically vulnerable when running Android Open Source Project (AOSP)
2. **Specific Brand Devices**
   - Yandex Smart TVs
   - Hisense Smartphones

## Vehicle Systems

1. **Aftermarket Vehicle Infotainment Systems**
   - Particularly vulnerable when:
     - Installed post-manufacture
     - Sourced from less reputable manufacturers
     - Advertised as "unlocked" or offering free content

## Key Vulnerability Factors

Systems are particularly susceptible to Badbox 2.0 when they have the following characteristics:

1. **Manufacturing Origin**
   - Devices manufactured in China with less stringent security controls
   - Off-brand or uncertified devices
2. **Device Certification**
   - Devices that lack Google Play Protect certification
   - Systems running uncertified versions of Android OS
3. **Distribution Channels**
   - Devices sold through unofficial or less reputable channels
   - Systems advertised with suspicious features like "unlocked" or "free content" access
4. **Software Configuration**
   - Devices that allow sideloading of applications
   - Systems with outdated or unpatched firmware
   - Devices that receive updates from unofficial sources

The Badbox 2.0 botnet has infected over a million devices across 222 countries, making it the largest botnet of infected CTV devices ever discovered. The malware is particularly effective at compromising devices through supply chain attacks, often being pre-installed during manufacturing or distributed through unofficial app marketplaces.

It is wise to ensure that only devices you have vetted connect to your network. Check out my Security Policies at my Store.