Vo1d is a significant piece of malware that emerged in the wild in September 2024, evolving into one of the most prevalent Android botnets known, particularly targeting smart TVs and low-cost Android TV devices. Initially recognized as a backdoor, Vo1d's capabilities have expanded to enable the installation of additional malicious software, the operation of proxy services, and the execution of ad fraud schemes. By early 2025, projections indicated that Vo1d had compromised between 1.3 to 1.6 million devices globally. Recent activity from Darktrace revealed a marked increase in Vo1d-related incidents, predominantly affecting customers in South Africa. Many of the compromised devices displayed abnormal network behavior, such as excessive DNS queries, which is indicative of malware activity.