• Kimwolf botnet, 2M infected devices, compromised Badbox 2.0 control panel screenshot. • Badbox 2.0: China-based botnet on Android TV streaming boxes, over ten million devices, used for ad fraud. • FBI and Google actively hunting Badbox operators, leveraging Kimwolf bragging for clues. • Kimwolf admins known as “Dort” and “Snow”; screenshot shows Dort’s “ABCD” account added to Badbox panel. • Badbox history predates Kimwolf; Google filed “John Doe” lawsuit in July 2025 against 25 unidentified defendants. • Kimwolf’s invasive spread via unofficial Android TV boxes marketed for pirated streaming.
Article Summaries:
- Summary
Kimwolf, a botnet that has infected over 2 million devices, has reportedly breached the control panel of Badbox 2.0, a large China‑based botnet that pre‑installs malware on Android TV streaming boxes. A screenshot released by Kimwolf’s operators shows seven authorized users, including “ABCD” (linked to Kimwolf’s Dort) and “Chen” (associated with Chinese tech firms). The evidence gives the FBI and Google clearer insight into Badbox’s leadership, as the agency and the company have been actively pursuing the botnet’s operators. Badbox 2.0, which Google sued in July 2025, is believed to drive advertising fraud and infect devices via unofficial app stores.
Sources: