The FBI warned that BadBox 2.0 malware has infected more than 1 million Android smart TVs and set‑top boxes, converting devices into residential proxy networks that criminals use for credential theft and fraud. Consumers are urged to update devices and avoid cheap, untrusted hardware.

In a nationwide advisory, the FBI disclosed that the BadBox 2.0 botnet has compromised over one million Android‑based smart TVs, set‑top boxes and inexpensive streaming devices, turning them into residential proxy networks that facilitate large‑scale fraud. Infected devices are being rented or sold as proxy endpoints to obfuscate criminal activity, enabling credential stuffing, account takeovers and illicit access to financial and crypto accounts. The FBI cautions that devices purchased from unverified sellers or loaded with third‑party app stores are particularly at risk because they may come preinstalled with malware or accept malicious payloads. Recommended mitigations include factory resetting devices, installing firmware updates from official vendors, disabling unused services, changing default passwords, segmenting IoT devices on separate networks, and monitoring for unusual outbound traffic. The advisory also urges consumers and ISPs to report suspected infected devices to the FBI and for manufacturers to improve supply‑chain security. The operation highlights how compromised home electronics are increasingly repurposed to support complex financial and identity fraud schemes.