Factory-Installed Botnet Malware Found on Projector Purchased from Amazon

The author detected a pre-installed Vo1d botnet malware on an AODIN projector purchased from Amazon. The malicious software was making DNS requests every 65 seconds to the domain o.fecebbbk[.]xyz, without triggering any alerts on their automated security tools (OPNsense and Security Onion). The discovery was made during a manual analysis of network traffic using Wireshark. The projector's firmware confirmed that the malware was present before shipping.