{*}
Add news
March 2010 April 2010 May 2010 June 2010 July 2010
August 2010
September 2010 October 2010 November 2010 December 2010 January 2011 February 2011 March 2011 April 2011 May 2011 June 2011 July 2011 August 2011 September 2011 October 2011 November 2011 December 2011 January 2012 February 2012 March 2012 April 2012 May 2012 June 2012 July 2012 August 2012 September 2012 October 2012 November 2012 December 2012 January 2013 February 2013 March 2013 April 2013 May 2013 June 2013 July 2013 August 2013 September 2013 October 2013 November 2013 December 2013 January 2014 February 2014 March 2014 April 2014 May 2014 June 2014 July 2014 August 2014 September 2014 October 2014 November 2014 December 2014 January 2015 February 2015 March 2015 April 2015 May 2015 June 2015 July 2015 August 2015 September 2015 October 2015 November 2015 December 2015 January 2016 February 2016 March 2016 April 2016 May 2016 June 2016 July 2016 August 2016 September 2016 October 2016 November 2016 December 2016 January 2017 February 2017 March 2017 April 2017 May 2017 June 2017 July 2017 August 2017 September 2017 October 2017 November 2017 December 2017 January 2018 February 2018 March 2018 April 2018 May 2018 June 2018 July 2018 August 2018 September 2018 October 2018 November 2018 December 2018 January 2019 February 2019 March 2019 April 2019 May 2019 June 2019 July 2019 August 2019 September 2019 October 2019 November 2019 December 2019 January 2020 February 2020 March 2020 April 2020 May 2020 June 2020 July 2020 August 2020 September 2020 October 2020 November 2020 December 2020 January 2021 February 2021 March 2021 April 2021 May 2021 June 2021 July 2021 August 2021 September 2021 October 2021 November 2021 December 2021 January 2022 February 2022 March 2022 April 2022 May 2022 June 2022 July 2022 August 2022 September 2022 October 2022 November 2022 December 2022 January 2023 February 2023 March 2023 April 2023 May 2023 June 2023 July 2023 August 2023 September 2023 October 2023 November 2023 December 2023 January 2024 February 2024 March 2024 April 2024 May 2024 June 2024 July 2024 August 2024 September 2024 October 2024 November 2024 December 2024 January 2025 February 2025 March 2025 April 2025 May 2025 June 2025 July 2025 August 2025 September 2025 October 2025 November 2025 December 2025 January 2026 February 2026 March 2026 April 2026 May 2026 June 2026 July 2026
1 2 3 4 5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
News Every Day |

Cheap streaming box could hijack your home internet

That cheap streaming box promising free movies, live sports and premium channels may come with a hidden cost you never agreed to pay.

Security researchers are warning about a sprawling Android-based botnet called Popa. It has reportedly forced millions of consumer TV boxes to relay internet traffic tied to ad fraud, account takeovers and mass data scraping.

The concern goes beyond one shady app or one off-brand gadget. It points to a bigger problem sitting in living rooms across the country. Your home internet connection can be quietly used by strangers. In other words, that box connected to your TV may be doing more than streaming shows and movies.

THE TRICK TO SMOOTHER STREAMING AT HOME AND ON THE ROAD

Sign up for my FREE CyberGuy Report

GLOBAL SCAM CRACKDOWN LEADS TO 276 ARRESTS

Popa is tied to the wider Vo1d and BADBOX-style ecosystem of compromised Android-based streaming devices. These are often unofficial TV boxes sold online under countless names. Many promise access to paid movies, sports or channels for a one-time price. That should be your first warning sign.

KrebsOnSecurity reports that Popa works less like a traditional botnet built for quick attacks and more like a persistent tunneling system. It can register a device, keep encrypted connections open and route traffic through that device when needed.

So what does that mean at home? Someone else's internet traffic can appear to come from your house.

A residential proxy uses a regular home internet address to send traffic. To a website, that traffic can look like it came from an ordinary household instead of a suspicious server farm.

That makes these networks valuable for people trying to hide mass scraping, fake ad clicks, account attacks or other shady activity. It also creates a scary problem for the person who owns the Wi-Fi.

Your IP address could show up as the source, even though you had no idea anything was happening. The FBI has warned that compromised internet-connected devices can become part of BADBOX 2.0 and residential proxy services used for criminal activity. Those devices can include TV streaming boxes, digital projectors, digital picture frames and other connected gadgets.

For more on how attackers can abuse connected devices, see our report on how the FBI warned that more than 1 million Android devices were hijacked by malware.

The numbers are huge. Lumen's Black Lotus Labs told Krebs that Popa averages between 1.5 million and 2.5 million distinct IP addresses each day. The system also reportedly relies on hundreds of internet addresses used to direct its activity.

Google previously said BADBOX 2.0 compromised more than 10 million uncertified devices running Android open-source software without Google's built-in security protections. Google also said the devices were used for ad fraud and other digital crimes.

That is why this should get your attention. The box under your TV may look harmless. But if it came preloaded with sketchy streaming apps, required workarounds or promised too much for too little money, it may be putting your home network at risk.

The Popa story also includes a major dispute. Security firms Qurium and Synthient say Popa is linked to NetNut, a residential proxy provider owned by Alarum Technologies, a publicly traded Israeli company. Synthient said its analysis found traffic associated with NetNut coming from devices running Popa.

Alarum disputes the reports. The company says the claims contain flawed conclusions and rejects the characterization of the technology as a botnet. Alarum also says its SDKs are meant for bandwidth-sharing with notice, consent and safeguards. That disagreement is important. But for everyday households, the most important point stays the same. If a device or app can route someone else's traffic through your home connection, you need to know before you plug it in.

This problem goes beyond cheap Android TV boxes. Krebs cited research from Spur, a proxy-tracking service, that found some smart TV apps can include hidden tools that share your home internet connection with outside companies.

Spur said more than 42% of LG webOS apps it reviewed had these components. It also found similar components in more than 25% of Samsung Tizen apps reviewed.

In response, a Samsung spokesperson told CyberGuy, "Samsung wants to reassure our customers that the third-party residential proxy SDKs recently reported in the media cannot access, collect, or store any personal information from the TV, such as account credentials, viewing history, or personal files."

Samsung said it has already restricted new app registrations that include those proxy functions.

"We are currently implementing strict platform-wide developer policies explicitly banning residential proxy SDKs, and we are working to identify and remove all apps currently available in our store that contain these components," the company said.

"The privacy and security of our customers are our top priority, and we will continue to enforce our developer policies to ensure our platform remains safe and trustworthy," the spokesperson added.

Samsung's response sounds reassuring on personal TV data. Still, the bigger lesson is to be careful about what you install on any smart TV. Random games, free streaming apps or odd utilities can come with permissions or fine print that most people skip.

A TV remote makes it easy to click through prompts without reading much. That is important because an app may be able to use your home internet connection in ways you did not expect.

Be careful with any streaming device that promises free access to paid content. Also watch for Android boxes advertised as "unlocked," "fully loaded" or loaded with premium channels.

The FBI lists several warning signs, including devices that require Google Play Protect to be disabled, apps from suspicious marketplaces, generic streaming boxes from unknown brands, Android devices that lack Play Protect certification and unexplained internet traffic.

If you see one of those signs, unplug the device from power and disconnect it from Wi-Fi or Ethernet.

The good news is you do not need to be a cybersecurity expert to lower your risk. Start with the devices connected to your TV, then work outward to your router, apps and passwords.

Do not buy cheap Android TV boxes that promise free movies, live sports or paid channels. Those deals can come with malware, backdoors or proxy software. Stick with trusted streaming platforms and certified devices from known brands. A bargain stops looking like a bargain when it puts your home network at risk.

Unplug any no-name Android TV box, unlocked streaming device or gadget that required you to disable Google Play Protect. Then remove it from your router's connected-device list. If unknown devices appear on your router, change your Wi-Fi password. After that, reconnect only the devices you recognize.

If you use an Android TV device, check whether it is Play Protect certified. Uncertified Android devices may lack Google's built-in security protections. A device that asks you to turn off security settings during setup deserves extra scrutiny. That setup step can be a major red flag.

Install apps only from official stores on your smart TV, Fire TV, Apple TV, Roku or Android TV device. Avoid sideloading, which means installing apps from outside the official app store, unless you fully trust the source. The FBI warns that unofficial marketplaces and required app downloads can increase the chance of infection.

Go through the apps on your smart TV and streaming devices. Remove games, utilities, free streaming apps and anything you no longer recognize. Pay close attention to apps that mention bandwidth sharing, proxy access or earning rewards from unused internet. Those tradeoffs can be buried in language most people would skip.

Keep your router, smart TV, streaming stick and other connected devices updated. Firmware updates often fix security holes that attackers love to exploit. Also, check whether your router supports automatic updates. Turn that on if available.

Open your router app or router admin page and look at the connected-device list. Remove anything you do not recognize. Also, watch for devices sending unusual amounts of data. A streaming box should not be creating heavy outbound traffic when no one is watching anything.

If you signed into Google, streaming apps or other accounts on a suspicious TV box, change those passwords from a trusted phone or computer. Also, sign out of those accounts on other devices when the service gives you that option. Use a trusted password manager to create and store strong, unique passwords so one compromised account does not open the door to others. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com

Remove free VPNs, free streaming apps, coupon extensions, unknown browser extensions and apps that offer to pay you for bandwidth. A trusted VPN can help protect your privacy online, especially on public Wi-Fi. However, a VPN will not clean an infected streaming box or stop a shady TV app from abusing your connection. Use it as one layer, not your only defense. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices at Cyberguy.com

Create a separate guest or IoT network for TVs, streaming boxes, cameras, printers and other smart devices. That way, a compromised gadget has less access to your phones, laptops and personal files. Many newer routers make this fairly easy inside the router app.

Run a full security scan on your computers and phones with trusted security software. This can help catch malware, risky downloads and suspicious files. But let's be real here. Do not assume antivirus software can fully clean a cheap infected TV box. The FBI has warned that some compromised devices may come with malware before purchase or pick it up during setup. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

A factory reset may sound like enough, but it may fail to remove malware that came preinstalled or lives deeper in the device. If the box came from an unknown brand, pushed you toward sketchy apps or required security workarounds, replacing it is the safer move.

If you believe your device or network has been compromised, report it to the FBI's Internet Crime Complaint Center at IC3.gov. Also, contact your internet provider if you see strange traffic or get abuse notices tied to your IP address.

The scary part here is how ordinary this can look. A cheap streaming box sits under your TV, works well enough and promises free content. Meanwhile, your home internet connection may be getting rented out or abused in ways you never approved. That to me is scary because most people would never think to check whether their TV box is sending traffic in the background. They just want to watch the game or a movie. But if the device came from an unknown brand, promised free paid content or required sketchy setup steps, it deserves a serious look. The safest move is to unplug anything suspicious, use certified streaming devices and keep your smart TV apps under control. Free TV can become expensive fast when your home internet gets dragged into someone else's scheme.

Would you unplug a streaming box if you found out strangers might be routing their internet traffic through your home? Let us know by writing to us at Cyberguy.com

Sign up for my FREE CyberGuy Report

Copyright 2026 CyberGuy.com. All rights reserved.

Ria.city






Read also

Taylor Swift and Travis Kelce's wedding: Leaked details reveal inside look as photos capture A-list departures

This 'America the Beautiful' rendition before the France vs Paraguay match will give you goosebumps

Cubs host Cardinals as Shota Imanaga and Kyle Leahy give bettors reason to back the over 8

News, articles, comments, with a minute-by-minute update, now on Today24.pro

Today24.pro — latest news 24/7. You can add your news instantly now — here




Sports today


Новости тенниса


Спорт в России и мире


All sports news today





Sports in Russia today


Новости России


Russian.city



Губернаторы России









Путин в России и мире







Персональные новости
Russian.city





Friends of Today24

Музыкальные новости

Персональные новости