Summary: A botnet malware known as Vo1d has infected Android TV devices in several countries, with a significant increase in infections reported in India. Vo1d exhibits enhanced stealth and anti-detection capabilities, allowing for the creation of a proxy network for illegal activities such as advertisement click fraud. The malware’s architecture includes components designed for communication with command-and-control servers, posing risks for large-scale cyber attacks.
Affected: Android TV devices
Keypoints:
- Vo1d botnet has infected Android TV devices across Brazil, South Africa, Indonesia, Argentina, Thailand, and India.
- The infection rate in India surged from less than 1% to 18.17% within a short time frame.
- The malware employs advanced encryption and anti-detection techniques to evade research and control efforts.
- Recent versions leverage a “rental-return” model for botnet activity, potentially leasing infrastructure to other criminal actors.
- The malicious Android app mimics Google Play Services for persistence and stealth.
- Vo1d enables the deployment of modular Android malware named Mzmess, which includes diverse plugins for various malicious activities.
- There is a significant risk that infected devices will be used for broader cyber attacks, including DDoS attacks.
Source: https://thehackernews.com/2025/03/vo1d-botnets-peak-surpasses-159m.html