Millions of low-cost Android devices turn home networks into crime platforms

arstechnica.com | Published: 6/6/2025

Summary

The FBI warns of a sophisticated malware called BadBox, which exploited devices used for media streaming, car entertainment, and video projection. Based on the Triada strain from 2016, it used advanced rooting techniques to bypass Android security, leading Google to update its OS in 2017. A year later, attackers pre-infected thousands of devices through a supply-chain attack, prompting Google to enhance its defenses. In 2023, security firm Human Security discovered BadBox on millions of Chinese devices via Triada, enabling activities like advertising fraud and fake accounts.