Google sues alleged hackers behind BadBox 2.0 botnet which has infected millions of devices


  • Google files major lawsuit with a district court
  • The lawsuit claims Google lost money and reputation due to BadBox 2.0
  • 25 unnamed Chinese individuals are accused of running the scheme

Google has sued 25 unidentified Chinese citizens for building and operating the notorious BadBox 2.0 botnet.

A legal complaint filed in the United States District Court for the Southern District of New York says the defendants created and operated a botnet that infected more than 10 million internet-connected devices globally. The devices include TV streaming boxes, tablets, projectors, and car infotainment systems, primarily running AOSP (Android Open Source Project) builds that are not protected by Google Play Protect.

The malware either came preinstalled on the devices (through a supply chain attack) or was downloaded via deceptive apps. Once infected, the devices connect to a command-and-control (C2) server, granting the threat actors remote control.

Residential proxy and ad fraud

The 25 people named in the complaint allegedly used the botnet to offer residential proxies and to commit ad fraud and click fraud. Google says they sold access to infected devices as residential proxies, hiding the identity of the buyers and allowing them to commit crimes of their own – account takeovers, credential theft, DDoS attacks, and more.

The defendants also used the infected devices to generate fake ad impressions and clicks, launch hidden browsers that interact with ad-heavy sites, and deploy “evil twin” apps that mimic legitimate apps, tricking both users and ad platforms.

The ad fraud part is particularly worrying for Google, it seems. The company says it is forced to pay for fraudulent ad traffic and spend resources to investigate and mitigate the botnet. It also argues that the botnet undermines trust in Google’s platform, eroding its reputation, which also leads to less profit down the line.

Unfortunately, the chances of China identifying and extraditing these individuals are next to none. The country rarely cooperates with the US on matters of cybersecurity, as the two countries are seen as adversaries, frequently trading blows in cyberspace.

Via The Register
