November 24, 2025

Botflix and chill?

Article URL →HN comments →

Is Your Android TV Streaming Box Part of a Botnet?

Best Buy’s $400 ‘free TV’ box might make your Wi‑Fi a crime relay — commenters are livid

TLDR: Security researchers say Superbox’s unofficial app store can turn your home internet into a relay for strangers’ traffic linked to fraud. Commenters are split between shock it’s sold at Best Buy and practical advice to quarantine it, while others nitpick branding, asking: is this loophole or low-key botnet?

Superbox’s $400 “free TV” promise has the crowd clutching their remotes. Experts say to unlock those 2,200+ channels you ditch Google’s Play store for an unofficial “Blue TV Store,” install special apps, and—surprise—your home Internet gets roped into a “residential proxy,” meaning your Wi‑Fi relays strangers’ traffic that can fuel ad fraud and account takeovers. Censys engineer Ashley even demoed units bought at Best Buy, warning that big‑box shelves don’t equal safety.

Commenters came in hot. 0xWTF joked we’ll all need a “personal CISO” (a security boss) just to watch sports. ndiddy was gobsmacked it’s sold off‑the‑shelf, side‑eyeing retailers: did they weigh quick sales against angering Netflix and ESPN? j45 yelled “quarantine it!”—keep it on a guest network. aerzen asked if OpenWrt (a DIY router system) can spot sketchy traffic. Meanwhile bsimpson hates the scare framing and the brand muddle: Android TV vs Google TV. The messy debate: Is Superbox a clever loophole or a sneaky way to turn living rooms into mini botnets? Superbox insists it’s “just hardware” and customers choose the apps, but readers call that a fig leaf: you only get the magic after replacing Google’s store. Meme of the day: Botflix and chill—but preferably on a segmented network.

Key Points

  • Superbox markets $400 streaming devices claiming access to 2,200+ services without monthly fees.
  • To enable free channel access, users must install device-specific apps and replace Google Play with an unofficial app store.
  • Superbox devices do not run Google-certified Android TV; apps are loaded outside Google’s ecosystem.
  • Experts say the apps enroll devices into a distributed residential proxy network relaying traffic tied to cybercrime.
  • Censys researchers, including Ashley, examined Superbox units—one bought at BestBuy—in a malware lab.

Hottest takes

"Are we all supposed to... have a personal CISO?" — 0xWTF
"You can buy pirate TV off the shelf at Best Buy?" — ndiddy
"‘Android TV’ or ‘Google TV’? Even Wikipedia’s confused" — bsimpson

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.