www.foxnews.com
Malicious SuperBox Devices Turn Homes into Proxy Nodes for Cybercriminals
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Security researchers have identified that SuperBox Android TV streaming devices, marketed as cost-effective media solutions, may secretly convert users' internet connections into proxy nodes for cybercriminal activities. These devices, sold through major retailers, initiate connections to Tencent QQ and Grass proxy services as soon as they are powered on. The firmware contains tools for network scanning, traffic analysis, and DNS hijacking, allowing them to facilitate ad fraud and other malicious activities. The devices are also capable of participating in DDoS attacks and scanning local networks for vulnerabilities. This situation has raised significant concerns about the security of low-cost streaming devices and their potential to be exploited as part of a botnet. As of May 2026, these devices remain available for purchase despite the risks associated with them.
Key Points: • SuperBox devices may covertly turn home networks into proxy nodes for cybercriminals. • The devices contain malicious tools for network scanning and traffic analysis. • Security researchers warn that these devices are still being sold on major retail platforms.