The Katana botnet, identified as a variant of the Mirai malware, specifically targets Android TV set-top boxes that are typically low-cost and lack robust security measures like Google Play Protect. Katana exploits ADB (Android Debug Bridge) vulnerabilities, facilitating unauthorized access through residential proxy services. This technique has enabled mass exploitation of Android-based devices without needing sophisticated exploits—operators merely require a subscription for these proxies to gain access to millions of vulnerable devices.