BADBOX Botnet Targets 192,000 Android Devices, Hits Yandex TVs and Hisense Phones Worldwide
December 21, 2024
Researchers at Bitsight have identified a botnet named BADBOX that has infected over 192,000 Android devices, primarily targeting Yandex Smart TVs and Hisense smartphones.
The majority of these infections involve approximately 160,000 Yandex 4K QLED Smart TVs, which are particularly popular in Russia, along with Hisense T963 smartphones.
Bitsight has detected over 100,000 unique IPs linked to Yandex 4K QLED smart TVs communicating with a BadBox command and control (C&C) server, indicating a significant rise in infections among high-end devices.
The BadBox malware is believed to be based on the Triada malware family and is typically introduced through supply chain attacks or employee misconduct.
In response to the growing threat, the Federal Office for Information Security (BSI) in Germany implemented a sinkholing operation, redirecting infected device traffic to a controlled server to mitigate data theft and command execution.
Despite these efforts, the overall impact on the BADBOX operation has been limited, underscoring the challenges of effectively combating global cyber threats.
The malware has also been detected on public school networks across the United States, raising alarms about its widespread implications.
Signs of infection include device overheating, performance drops, unusual network traffic, and altered device settings, which can indicate compromised devices.
The primary goal of the BadBox campaign is financial gain, achieved by converting infected devices into residential proxies for cybercriminals or facilitating ad fraud.
Despite recent disruption attempts in Germany, the BadBox Android malware botnet continues to grow, with Bitsight researchers logging over 192,000 infected devices globally.
Infected devices are primarily located in regions such as Russia, China, India, Belarus, Brazil, and Ukraine, highlighting the global reach of the botnet.
Bitsight suggests that the infections could stem from compromised supply chains or manufacturer negligence during various stages from development to sales.
Summary based on 3 sources
Sources
BleepingComputer • Dec 19, 2024: BadBox malware botnet infects 192,000 Android devices despite disruption
SecurityWeek • Dec 20, 2024: Botnet of 190,000 BadBox-Infected Android Devices Discovered
Security Affairs • Dec 21, 2024: BadBox rapidly grows, 190,000 Android devices infected - Security Affairs