
Chinese-Linked Badbox 2.0 Botnet Exposed with Ties to Kimwolf Malware Network
The Badbox 2.0 botnet, composed of Android TV boxes infected with preinstalled malware, is operated from China. Cybercriminals controlling the Kimwolf botnet (with over 2 million compromised devices) shared a screenshot suggesting access to Badbox 2.0's control panel. The FBI and Google are investigating its operators. Several Chinese entities are mentioned, including Beijing Astrolink Wireless Digital Technology Co. Ltd., Beijing Hengchuang Vision Mobile Media Technology Co. Ltd., and email addresses linked to individuals such as Chen Daihai and Zhu Zhiyu. No specific date or detailed technical impact is provided.