Here’s the latest on the story we’ve been following about hostile nations’ ability to commandeer millions of wireless home devices in the US and Canada. A year ago, Google sued the operators of Badbox 2.0 — a China-linked botnet that had compromised over 10 million Android TV boxes and streaming devices. Now. the FBI seized hundreds of domains tied to a NASDAQ-listed company running a criminal proxy network called NetNut.
- In one sample week last month, 316 criminal and espionage groups were using this single network. Nearly half of downloadable apps on LG’s webOS platform contain SDKs that quietly turn the television into an always-on residential proxy node.
- Taking one network down doesn’t end the threat — it reshuffles it. The same dynamic is likely to repeat with Whichever network absorbs NetNut’s former customers will likely emerge as the new threat.
- For consumers: stick to name-brand streaming devices from reputable manufacturers, avoid any app that offers payment for “sharing your unused bandwidth,” and check your smart TV’s app list — if you have an LG or Samsung, delete anything you don’t recognize or actively use. Google publishes a list of verified partners at tv.google/intl/en_us/programs/android-tv-op/ — anything not on that list is a risk worth taking seriously.