Kimwolf, a botnet that has infected over 2 million devices, has reportedly compromised the control panel of Badbox 2.0, another significant botnet believed to be based in China. This control panel hack was revealed through a screenshot shared by the Kimwolf operators, which identified an account belonging to one of the botmasters, known as Dort. Badbox 2.0, which Google claims involves over ten million illicit Android streaming devices, has a history of infecting devices either before purchase or through malicious apps downloaded during setup. Google's legal action against unidentified Badbox 2.0 operators dates back to July 2025, following an FBI advisory that warned about cybercriminals gaining unauthorized access to home networks. The FBI had linked Badbox 2.0 to the original Badbox botnet, which was first identified in 2023. The article delves into the background of individuals connected to the botnets, particularly focusing on email addresses and associated companies that suggest ties to the operation of Badbox 2.0. The piece also highlights how Kimwolf spreads by exploiting residential proxy services to send malicious commands to vulnerable Internet of Things (IoT) devices. These devices, often low-security Android TV boxes, are easy targets due to their lack of built-in security measures. Recent efforts by proxy providers to close these vulnerabilities may hinder Kimwolf’s rapid expansion, but the revelation of their access to Badbox 2.0 raises significant concerns about the broader implications for cybersecurity.