Technology

Why your Android TV box may secretly be a part of a botnet

Published

4 months ago

January 13, 2026

Press Room

Why your Android TV box may secretly be a part of a botnet

NEWYou can now listen to Fox News articles!

Android TV streaming boxes that promise “everything for one price” are everywhere right now.

You’ll see them on big retail sites, in influencer videos, and even recommended by friends who swear they’ve cut the cord for good. And to be fair, they look irresistible on paper, offering thousands of channels for a one-time payment. But security researchers are warning that some of these boxes may come with a hidden cost.

In several cases, devices sold as simple media streamers appear to quietly turn your home internet connection into part of larger networks used for shady online activity. And many buyers have no idea it’s happening.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

WHY JANUARY IS THE BEST TIME TO REMOVE PERSONAL DATA ONLINE

Android TV streaming boxes promising unlimited channels for a one-time fee may quietly turn home internet connections into proxy networks, according to security researchers. (Photo By Paul Chinn/The San Francisco Chronicle via Getty Images)

What’s inside these streaming boxes

According to an investigation by Krebs on Security, media streaming devices don’t behave like ordinary media streamers once they’re connected to your network. Researchers closely examine SuperBox, which is an Android-based streaming box sold through third-party sellers on major retail platforms. On paper, SuperBox markets itself as just hardware. The company claims it doesn’t pre-install pirated apps and insists users are responsible for what they install. That sounds reassuring until you look at how the device actually works.

To unlock the thousands of channels SuperBox advertises, you must first remove Google’s official app ecosystem and replace it with an unofficial app store. That step alone should raise eyebrows. Once those custom apps are installed, the device doesn’t just stream video but also begins routing internet traffic through third-party proxy networks.

What this means is that your home internet connection may be used to relay traffic for other people. That traffic can include ad fraud, credential stuffing attempts and large-scale web scraping.

During testing by Censys, a cyber intelligence company that tracks internet-connected devices, SuperBox models immediately contacted servers tied to Tencent’s QQ messaging service, run by Tencent, as well as a residential proxy service called Grass.

Grass describes itself as an opt-in network that lets you earn rewards by sharing unused internet bandwidth. This suggests that SuperBox devices may be using SDKs or tooling that hijack bandwidth without clear user consent, effectively turning the box into a node inside a proxy network.

Why SuperBox activity resembles botnet behavior

In simple terms, a botnet is a large group of compromised devices that work together to route traffic or perform online tasks without the owners realizing it.

Researchers discovered SuperBox devices contained advanced networking and remote access tools that have no business being on a streaming box. These included utilities like Tcpdump and Netcat, which are commonly used for network monitoring and traffic interception.

The devices performed DNS hijacking and ARP poisoning on local networks, techniques used to redirect traffic and impersonate other devices on the same network. Some models even contained directories labeled “secondstage,” suggesting additional payloads or functionality beyond streaming.

SuperBox is just one brand in a crowded market of no-name Android streaming devices. Many of them promise free content and quick setup, but often come preloaded with malware or require unofficial app stores that expose users to serious risk.

In July 2025, Google filed a lawsuit against operators behind what it called the BADBOX 2.0 botnet, a network of more than ten million compromised Android devices. These devices were used for advertising fraud and proxy services, and many were infected before consumers even bought them.

Around the same time, the Feds warned that compromised streaming and IoT devices were being used to gain unauthorized access to home networks and funnel traffic into criminal proxy services.

We reached out to SuperBox for comment but did not receive a response before our deadline.

8 steps you can take to protect yourself

If you already own one of these streaming boxes or are thinking about buying one, these steps can help reduce your risk significantly.

1) Avoid devices that require unofficial app stores

If a streaming box asks you to remove Google Play or install apps from an unknown marketplace, stop right there. This bypasses Android’s built-in security checks and opens the door to malicious software. Legitimate Android TV devices don’t require this.

2) Use strong antivirus software on your devices

Even if the box itself is compromised, strong antivirus software on your computers and phones can detect suspicious network behavior, malicious connections or follow-on attacks like credential stuffing. Strong antivirus software monitors behavior, not just files, which matters when malware operates quietly in the background. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

3) Put streaming devices on a separate or guest network

If your router supports it, isolate smart TVs and streaming boxes from your main network. This prevents a compromised device from seeing your laptops, phones or work systems. It’s one of the simplest ways to limit damage if something goes wrong.

4) Use a password manager

If your internet connection is being abused, stolen credentials often come next. A password manager ensures every account uses a unique password, so one leak doesn’t unlock everything. Many password managers also refuse to autofill on suspicious or fake websites, which can alert you before you make a mistake.

MAKE 2026 YOUR MOST PRIVATE YEAR YET BY REMOVING BROKER DATA

Investigators warn some Android-based streaming boxes route user bandwidth through third-party servers linked to ad fraud and cybercrime. (Photo Illustration by Thomas Fuller/SOPA Images/LightRocket via Getty Images)

Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

5) Consider using a VPN for sensitive activity

A VPN won’t magically fix a compromised device, but it can reduce exposure by encrypting your traffic when browsing, banking or working online. This makes it harder for third parties to inspect or misuse your data if your network is being relayed.

For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices at Cyberguy.com.

6) Watch your internet usage and router activity

Unexpected spikes in bandwidth, slower speeds or strange outbound connections can be warning signs. Many routers show connected devices and traffic patterns.

If you notice suspicious traffic or behavior, unplug the streaming box immediately and perform a factory reset on your router. In some cases, the safest option is to stop using the device altogether.

Also, make sure your router firmware is up to date and that you’ve changed the default admin password. Compromised devices often try to exploit weak router settings to persist on a network.

7) Be wary of “free everything” streaming promises

Unlimited premium channels for a one-time fee usually mean you’re paying in some other way, often with your data, bandwidth or legal exposure. If a deal sounds too good to be true, it usually is.

8) Consider a data removal service

If your internet connection or accounts have been abused, your personal details may already be circulating among data brokers. A data removal service can help opt you out of people-search sites and reduce the amount of personal information criminals can exploit for follow-up scams or identity theft. While it won’t fix a compromised device, it can limit long-term exposure.

10 SIMPLE CYBERSECURITY RESOLUTIONS FOR A SAFER 2026

Cyber experts say certain low-cost streaming devices behave more like botnet nodes than legitimate media players once connected to home networks. (Photo by Alessandro Di Ciommo/NurPhoto via Getty Images)

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

Kurt’s key takeaway

Streaming boxes like SuperBox thrive on frustration. As subscriptions pile up, people look for shortcuts. But when a device promises everything for nothing, it’s worth asking what it’s really doing behind the scenes. Research shows that some of these boxes don’t just stream TV. They quietly turn your home network into a resource for others, sometimes for criminal activity. Cutting the cord shouldn’t mean giving up control of your internet connection. Before plugging in that “too good to be true” box, it’s worth slowing down and looking a little closer.

Would you still use a streaming box if it meant sharing your internet with strangers? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Related Topics:Android Featured Privacy Security TVs

Click to comment

Technology

Google Health is here, but a lot of people want their Fitbit app back instead

Published

7 hours ago

May 26, 2026

Press Room

Google Health is here, but a lot of people want their Fitbit app back instead

The Fitbit app is no more. Along with the launch of the new Fitbit Air (which you can expect a full review of once we’ve spent more time with it), Google has officially replaced it with Google Health, as previously announced, and many of the responses we’ve seen so far are full of confusion, frustration, and requests to get the old app back.

One post on Reddit calls out a common issue, saying, “I can’t even completely fill up my home screen. They only have 2 large tiles available and I can’t just scroll down to see everything.” The landing page has a small section up top showing steps and some other basic stats, but part of the app’s main page is now reserved for recent activity updates and chatty notes from Google’s AI health coach.

The AI didn’t have much to say to me, but for my senior editor, Richard Lawler, it started a conversation about today’s plans that he wasn’t quite ready to have with a chatbot.

Screenshot: Richard Lawler / Google

Not everyone is annoyed by the AI bot however, with one person commenting, “When I ask it to design a moderate workout using my office gym equipment, circuit style, I usually end up feeling great afterwards.” Another person called it “quite a helpful feature,” showing how they were able to update their sleep log with a missed session by chatting with the AI bot.

Another user said, “This graphic UI looks like something an 8 year old would make,” while someone else complained, “Why must I now scroll through paragraphs of AI slop on every tab before I can actually see my activities and data? I don’t want or need to read platitudes about my 15 minute walk to the grocery store. I want to see my stats from my morning run.”

One post on Google’s help center sums things up, saying, “This app is a huge disappointment and a total time drain to get minimal results. How can I get back to using what worked?!” Many others were in agreement, with one reply saying, “it’s no longer a genuine fitness app.”

On Google’s blog post, its sample image shows a version of the Today screen with all of the information and an AI chat that we couldn’t get to show up, but did appear for some users. There doesn’t seem to be any way to remove the Ask Coach / activity window that takes up so much of the screen, but the bot can be disabled from within the new app’s Feature Privacy Controls.

1/3

Most of the Google Health landing page is updates from the AI health coach.

Screenshot: Stevie Bonifield / Google

Even though I knew the switch to Google Health was coming, I was still disoriented for the first several minutes after opening the app this morning.

If you want to see more of your stats and health tracking data, you have to either swipe left in the small top box on the “Today” page or tab over to the “Health” page. To find logs for my rowing workouts that I had stored in the old Fitbit app, I had to go into “Health,” then down to the “Fitness” section in “Focus areas”, where my logs were viewable under “Exercise days.” In the old Fitbit app, I could see the “Exercise days” block by just scrolling down on the app’s main “Today” page.

According to a support page, if you have a supported wearable connected, Google Health shows two additional tabs for Fitness and Sleep that would make things easier, but before the redesign I didn’t need those. While Google’s Rishi Chandra told The Verge earlier this month that Google Health will eventually support third-party wearables, my Nothing Watch Pro 3 currently isn’t enough to unlock those two extra tabs.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Stevie Bonifield

Technology

Are Apple devices spying? What your iPhone tracks

Published

8 hours ago

May 26, 2026

Press Room

Are Apple devices spying? What your iPhone tracks

NEWYou can now listen to Fox News articles!

It starts with a small moment that feels a little too coincidental. You say something out loud, then an ad shows up that feels way too specific.

Bill recently reached out to us asking if the Apple devices in his home are actually spying on him.

It is a fair concern. The short answer is no, your Apple devices are not secretly recording everything you say. But they are listening in specific ways and collecting some data. Once you understand how it works, you can decide what to change. If you have an Android, here are the privacy settings you should review.

The iPhone actually collects some data based on your settings but does not secretly record your conversations. (Anna Barclay/Getty Images)

Sign up for my FREE CyberGuy Report

Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

What is actually happening behind the scenes

To understand what is really going on, it helps to break down how your devices listen, what data gets collected and where the bigger risks live.

Voice assistants are always on standby

If you use Siri on your iPhone or other Apple devices, your device is always listening locally for the wake phrase. It isn’t recording full conversations. When it hears the trigger, it starts processing your request.

MUST-DO PRIVACY SETTINGS ON YOUR IPHONE IN IOS 18.1

Siri may send that request to Apple’s servers when needed, although much of the processing now happens directly on your device. Even so, accidental activations happen. That can lead to short snippets of audio being processed when you did not intend it.

Apple still collects some data

Apple markets itself as privacy-focused, especially compared to Google and Meta Platforms. That is generally true, but Apple still gathers certain types of data, depending on your settings, including:

Device usage patterns
Location data if enabled
Siri interactions
App analytics if you allow it

5 TECH TERMS THAT SHAPE YOUR ONLINE PRIVACY

Apple says much of this is anonymized; simply put, that means it isn’t directly tied to your name or identity, but it still exists.

Apps are often the bigger privacy risk

Here is where things get more important.

Most privacy exposure does not come from Apple itself. It comes from the apps you install.

Many apps request access to:

Your microphone
Your camera
Your contacts
Your location

If you approve those permissions, apps can collect more data than you expect. Some of that data can be shared with advertisers or third parties.

IS THAT IPHONE APP SPYING? APPLE’S APP PRIVACY REPORT REVEALS ALL

Why it feels like your phone is listening to you

You have probably had this experience. You mention something out loud, then an ad appears later. That usually has nothing to do with your microphone.

Instead, it is driven by:

Your browsing activity and search history
Tracking data from websites
Location patterns
Data brokers connecting activity across devices

All of that creates a detailed profile of your interests. The ads feel personal because they are based on your behavior, not your conversations.

How to take control of your iPhone privacy settings

If you want more control over your privacy, a few simple changes can make a big difference.

1) Turn off “Hey Siri” if you do not use it

Go to Settings
Tap Apple Intelligence & Siri
Tap “Talk & Type to Siri”
Disable “Listen for ‘Hey Siri’” by tapping Off

2) Review which apps can use your microphone

Go to Settings
Tap Privacy & Security
Tap Microphone
Turn off access for apps that do not need it

3) Limit app tracking

Go to Settings
Tap Privacy & Security
Tap Tracking
Turn off “Allow Apps to Request to Track”

4) Disable analytics sharing

Go to Settings
Tap Privacy & Security
Scroll down and tap Analytics & Improvements
Turn everything off

5) Check location access

Go to Settings
Tap Privacy & Security
Tap Location Services
Set most apps to “While Using” or “Never”

IS YOUR PHONE LISTENING TO EVERYTHING YOU SAY? IT’S COMPLICATED

Start in Settings to review the privacy controls that determine what data your iPhone can access and share. (Kevin Carter/Getty Images)

6) Review camera access

Go to Settings
Tap Privacy & Security
Tap Camera
Turn off access for any app that does not truly need it

7) Turn off Bluetooth tracking for apps

Some apps use Bluetooth to track nearby devices or location patterns.

Go to Settings
Tap Privacy & Security
Tap Bluetooth
Turn off access for apps that do not need it

8) Check Photos access (often overlooked)

Apps can access your entire photo library, including metadata like location.

Go to Settings
Tap Privacy & Security
Tap Photos
Set apps to “Selected Photos” or “None” where possible

9) Use Apple’s App Privacy Report

Go to Settings
Tap Privacy & Security
Scroll down and tap App Privacy Report

Turn it on to see which apps access your data and when

10 Audit location system services (advanced but valuable)

Go to Settings
Tap Privacy & Security
Tap Location Services
Click System Services

Some of these run quietly in the background. You can turn several off without affecting how your iPhone works day to day.

Turn these OFF (for more privacy, minimal impact)

Alerts & Shortcuts Automations (only needed if you use location-based automations)
Apple Pay Merchant Identification (used to verify store location during payments)
Cell Network Search (helps Apple improve carrier data)
Device Management (mainly for work or enterprise devices)
Home (only needed if you use Apple Home automations tied to location)
In-App Web Browsing (not essential for most users)
Suggestions & Search (location-based Siri suggestions)
System Customization (personalized system behavior)
iPhone Analytics (shares location data with Apple)
Improve Maps (sends location data to improve Apple Maps)

Optional depending on your usage:

Routing & Traffic (turn off if you don’t use Apple Maps for navigation)

Leave these ON (core features & accuracy)

Emergency Calls & SOS (critical for emergency response)
Find My iPhone (needed to locate a lost device)
Networking & Wireless (improves GPS, Wi-Fi, and Bluetooth accuracy)
Compass Calibration (keeps directions accurate)
Motion Calibration & Distance (used for fitness and movement tracking)
Setting Time Zone (automatically updates time when traveling)
Satellite Connection (important for emergency connectivity on newer iPhones)
Wi-Fi Calling (helps with calls in weak signal areas)

Leave ON (unless you have a specific reason)

Share My Location (turn off only if you don’t use Find My sharing)
Significant Locations & Routes → TURN OFF if you want maximum privacy (This tracks places you visit frequently.)

What those arrows mean (from your screen)

Purple arrow = recently used your location
Gray arrow = used your location in the last 24 hours

You don’t need to flip everything off. Focus on ads, analytics, suggestions and tracking features. Those give you the biggest privacy win without breaking anything.

11) Add an extra layer of protection

Even with strong settings, your data can still circulate through data brokers or exposed databases. Using an identity protection service can help monitor your personal data, alert you to suspicious activity and add financial safeguards if something goes wrong. See my tips and best picks on best identity theft protection at CyberGuy.com.

Turning off analytics sharing limits how much usage and location data your device sends back to Apple. (Portra/Getty Images)

Kurt’s key takeaways

Apple devices are not secretly recording your conversations all day. Still, they do listen for Siri and collect certain types of data. The bigger concern comes from the apps you install and the broader tracking ecosystem that follows you across the internet. The good news is you have more control than you might think. A few minutes in your settings can significantly reduce what your devices share.

If your devices already know so much based on your behavior alone, how much privacy are you willing to trade for convenience going forward? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Technology

Sennheiser’s new Momentum 5 headphones have upgraded ANC and a replaceable battery

Published

20 hours ago

May 26, 2026

Press Room

Sennheiser’s new Momentum 5 headphones have upgraded ANC and a replaceable battery

Nearly four years after the last version of Sennheiser’s Momentum headphones debuted with a redesign that traded a retro aesthetic for a more contemporary and comfortable design, the company has announced its Momentum 5 Wireless headphones. They look very similar to their predecessors, the Momentum 4, with large ear cups and a design that doesn’t quite stand out from the competition. But under the hood there are welcome upgrades, including improved ANC and, for the first time, a user-replaceable battery to extend their life.

The Momentum 5 Wireless will be available starting on June 30th for $399.99, a $50 price bump over the Momentum 4. The headphones feature the same 42mm drivers as the Momentum 3 and 4 models, but Sennheiser is introducing “Hi-Res Audio certification” and expanding the Momentum 5’s Bluetooth codec support to include AptX Lossless. That allows the headphones to stream 16-bit/44.1kHz CD-quality sound, but only from devices with a Qualcomm processor supporting that codec through the Snapdragon Sound platform. Smartphones from Sony and Motorola should be compatible, however Samsung, Google, and Apple devices won’t be.

Sennheiser has also doubled the number of microphones on the Momentum 5, which now feature four on each side to improve noise cancellation. The company claims its latest headphones are up to three times more effective at reducing the sound of voice chatter and the drone experienced in airplane cabins. The upgraded ANC and added mics also help improve call quality, both when it comes to picking up your voice and ensuring you can hear the person you’re talking to.

The Momentum 5’s battery life lasts up to 57 hours. It’s a small hit from the Momentum 4’s 60 hours, but still nearly double what you’ll get from the Sony WH-1000XM6, which can only muster up to 30 hours with ANC turned on. Other Momentum 5 upgrades include a new carrying case that’s 20 percent smaller, support for Dolby Atmos and spatial audio with head tracking, and the ability to upgrade from Bluetooth 5.4 to Bluetooth 6.0 with a future firmware update, although Sennheiser didn’t share a timeline for that.