CATEGORIES
home News

Security Report Blows The Whistle On A Massive Android TV Botnet Campaign

by Nathan OrdThursday, January 18, 2024, 03:16 PM EDT
security report blows the whistle on a massive android tv botnet campaign
Botnet activities are usually sniffed out and found fairly routinely, but it seems that a previously unknown cybercrime gang named Bigpanzi has been laying low and getting away with it. New reports suggest that this gang has amassed a 170,000-device-strong botnet since 2015, developing along with it an admittedly impressively vast infrastructure network.

This week, researchers out of Qianxin Xlabs, a Chinese research group, published a report on the threat group Bigpanzi. This discovery began with the finding of a virus sample called pandoraspear, which contained nine hardcoded C2 domain names. Two of these domain names were expired, so the researchers elected to register the domains and determine the botnet's size. This allowed them to find that the network had 170,000 daily active bots which are primarily based out of Brazil.

apps security report blows the whistle on a massive android tv botnet campaign
Examples of some of the sites for the malicious apps.

While the Bigpanzi gang went after the researchers after they made this discovery, the investigation continued. This allowed them to find several download scripts and other information, further revealing the threat actor group’s infrastructure and motives. Namely, it is noted that the group “primarily targets Android OS TVs and set-top boxes, as well as eCos OS set-top boxes.” This is based on getting users to install apps or updates to gain control of the systems rather than relying on leveraging vulnerabilities.

map security report blows the whistle on a massive android tv botnet campaign
Beyond standard botnet activities like distributed denial-of-service (DDoS), this network can “disseminate any form of visual or audio content, unbound by legal constraints.” The concern is that the botnet could “broadcast violent, terroristic, or pornographic content, or to employ increasingly convincing AI-generated videos for political propaganda, poses a significant threat to social order and stability.”

How this group operates and its potential capabilities are rather interesting, as this is something that has yet to be seen. Further, it is fascinating that they have been able to lay low for so long without discovery while being so widespread. You can see the full coverage of the group on the Xlabs site, but perhaps the key takeaway is that one should not just install apps to devices willy-nilly without knowing where they come from.
Tags:  security, botnet, cybersecurity, bigpanzi
Nathan Ord

Nathan Ord

Nathan Ord is a tech nerd through and through.  Following any technology, from home and business applications to VR, anything is up his alley.  Starting out as the family repair guy and local "tech expert" for those around him, he helped out wherever he could.  Nathan came aboard HotHardware in 2020 and continuously enjoys what he does.  In his free time, he enjoys volunteering, playing video games, and just relaxing with friends. 
Opinions and content posted by HotHardware contributors are their own.
TOP STORIES
Which New GPU Is For You?
More Results
KEEP INFORMED

Stay updated with the latest news and updates. Subscribe to our newsletter!

Subscribe Now
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2026 Hot Hardware Inc, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment