FBI warns millions of smart home devices at risk from malware attack

A new wave of cyber threats targeting millions of smart home devices has prompted an official warning from the Federal Bureau of Investigation (FBI). The agency has raised alarms about a sophisticated malware campaign, BADBOX 2.0, which is actively compromising a broad range of Internet of Things (IoT) devices in households across the globe. The FBI warns that TV streaming boxes, digital projectors, aftermarket vehicle infotainment systems, and other connected products—especially those from lesser-known brands—are at heightened risk of being infected.

According to the FBI, many of the compromised devices originate from manufacturers in China. These devices may be loaded with malicious software before being sold or may become infected when users download certain required applications during the initial setup. The FBI indicates that this infection can occur when devices connect to unofficial app marketplaces, which often host applications with hidden backdoors.

The main objective of the BADBOX 2.0 malware campaign, as explained by the FBI, is to transform everyday consumer electronics into parts of a vast botnet—a network of hijacked devices remotely controlled by cybercriminals. Once a device is compromised and connected to a home network, it can be used as part of a residential proxy service. This allows other cybercriminals to exploit the legitimate IP addresses of unsuspecting households for various illicit activities, masking their own identities and making malicious actions harder to trace.

The FBI emphasizes that the BADBOX 2.0 botnet is an evolution of a previous malware campaign that first emerged in 2023. While the original version focused primarily on pre-infected Android-based devices, the current wave is more versatile. Devices can now be infected either prior to sale or afterward, especially when users are lured by offers of free streaming content from unofficial sources. The FBI’s warning highlights that millions of devices are likely to be affected, with the campaign persisting despite previous law enforcement efforts to disrupt it.

Identifying whether a smart home device has been compromised is not always straightforward. The FBI points to several possible indicators: devices that prompt users to disable Google Play Protect settings, those that lack Play Protect certification, and those that provide access to unofficial or suspicious marketplaces. Additional red flags include unexplained spikes in internet traffic from certain devices or the presence of generic, “unlocked” streaming boxes that claim to offer free premium content.

The FBI urges consumers to take immediate action if they notice suspicious behavior from their smart home devices. Recommendations include reviewing all IoT products connected to the home network, avoiding the installation of applications from unofficial marketplaces, and disconnecting any device suspected of compromise. The FBI further stresses the importance of regularly updating operating systems, software, and firmware to minimize vulnerabilities, with special attention to devices marketed by little-known or generic brands.

Home users are encouraged by the FBI to remain vigilant when purchasing new internet-connected devices. The agency suggests prioritizing products from established vendors and being skeptical of deals that seem unusually generous or promise capabilities outside the norm for legitimate devices. Monitoring network traffic, understanding what devices are connected, and keeping all systems up to date are vital steps in reducing the risk posed by malware campaigns such as BADBOX 2.0.

The FBI’s public advisory on this matter underscores the broader issue of IoT security in the modern household. As more consumers incorporate smart technology into their homes, the potential attack surface for cybercriminals continues to expand. The proliferation of cheap, internet-connected devices—often lacking robust security controls—has made it easier for malware like BADBOX 2.0 to spread and persist.

The FBI’s continued monitoring and outreach serve as a critical reminder that cyber threats are ever-evolving. By taking proactive measures and following the guidance provided by law enforcement, consumers can better protect themselves and their households from being unwitting participants in global cybercrime operations. The agency also encourages anyone who suspects they have fallen victim to such intrusions to report the incident for further investigation.

As cybercriminals refine their tactics and broaden the scope of their attacks, the FBI remains actively involved in both detection and prevention efforts. Ongoing public awareness and cooperation with law enforcement are essential in combating the threats posed by malicious botnets and safeguarding the integrity of home networks in an increasingly digital world.