Security Update News
Update Information
| Title | Google Sues the Badbox Botnet Operators |
|---|---|
| Update ID | SCHNEIER:EF8B8D9E4F17BF4FFAC8A63C7CE66E58 |
| Type | schneier |
| Published | 2025-07-23T11:04:53 |
| Last Updated | 2025-07-22T16:17:31 |
Security Impact
| Severity | NONE |
|---|
AI Analysis
| AI Description | Google is suing the operators of the Badbox 2.0 botnet, which has infected over 10 million Android devices. These devices lack Google’s security protections and were pre-installed with malware for fraud and other illicit activities. This case highlights a private company addressing a regulatory gap left by governments. |
|---|---|
| AI Severity | High |
| AI Vendor | |
| AI Product | Android |
| AI Version | Unspecified |
Update Details
It will be interesting to watch what will come of this private lawsuit:
> Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software.
>
> These devices lack Google’s security protections, and the perpetrators pre-installed the Badbox 2.0 malware on them, to create a backdoor and abuse them for large-scale fraud and other illicit schemes.
This reminds me of Meta’s lawauit against Pegasus over its hack-for-hire software (which I wrote about here.) It’s a private company stepping into a regulatory void left by governments.
Slashdot thread.