In the state of Hidalgo, over 17,000 students benefited from infrastructure to access the Internet, however, they also join the list of possible victims of a botnet known as BADBOX 2.0.
BADBOX 2.0 is a botnet that turns infected devices into part of a global network used to commit digital fraud. According to a report by SILIKN, this botnet has infected around one million Android devices and uses them to carry out advertising fraud and operate as illegal proxies.
The report highlights that the vulnerability begins when devices, mainly low-cost ones, leave the factory with an integrated backdoor, allowing attackers to install malware modules remotely and without the user's knowledge.
Mexican students are at risk because BADBOX 2.0 facilitates the theft of personal data, advertising fraud, use as illegal proxies, and malware distribution. This botnet turns infected devices into tools for cybercrime, opening hidden ads, generating fake clicks, redirecting traffic, and facilitating account theft.
To protect against this threat, cybersecurity experts recommend downloading applications exclusively from the Google Play Store, keeping the operating system and applications updated, installing reliable antivirus software, reviewing the permissions of installed applications, and avoiding insecure public Wi-Fi networks.
Thousands of Mexican students who received electronic tablets through government programs could be at risk due to this botnet. Over 200,000 tablets distributed in states such as Sonora, Tamaulipas, Tabasco, and Hidalgo may have been compromised.
Between 2018 and 2025, several states in Mexico implemented programs to provide students with technology in order to reduce the digital divide. However, the threat of BADBOX 2.0 raises doubts about the security of these devices, as many may have left the factory with a backdoor. According to estimates, one million devices, including Android tablets, TV set-top boxes, digital projectors, and in-car infotainment systems, have been compromised by this botnet.
