An urgent cybersecurity alert has been issued to households across Ireland amid warnings of “large scale” cyberattacks that could compromise everyday home devices.
Grant Thornton Ireland has cautioned that devices such as Android TV boxes and TV streaming hardware are increasingly being leveraged in cyberattacks on a daily basis. The warning follows one of the largest Distributed Denial of Service (DDoS) attacks ever recorded, which occurred in November 2025.
Although the attack lasted only 35 seconds, it reached an unprecedented peak of 31.4 terabits per second. Investigations revealed that the assault was carried out by a botnet known as Kimwolf, largely made up of hijacked Android-powered televisions and TV streaming devices.
The attack was identified and mitigated by cybersecurity firm Cloudflare. However, security specialists warn that millions of low-cost, poorly secured devices remain vulnerable to infection and remote control by cybercriminals.
Experts at Grant Thornton highlighted that cyber risks are no longer limited to workplace systems. Instead, individuals are increasingly being targeted through commonly used household technology.
Once compromised, devices such as smart TVs or even smart lightbulbs can provide attackers with a gateway into a home network. From there, cybercriminals can gather personal information and launch more tailored phishing campaigns. Devices lacking proper security protections are considered the most vulnerable.
Cybersecurity Partner at Grant Thornton Ireland, Howard Shortt, said:
“Many people don’t realise that a low-cost Android TV box in their sitting room or a cheap smart lightbulb can be compromised in seconds.
“Once attackers gain access, they can use that device as part of a botnet or quietly profile the household to support more targeted and convincing phishing attacks.
“Attackers typically exploit default passwords, outdated software, or unpatched vulnerabilities in internet-connected devices and once inside a home network, can observe traffic patterns and build a profile of the household.
“That information allows criminals to engineer highly believable phishing messages.
“For example, posing as a streaming provider with a prompt to review a show you have just watched.
“At that point, the scam is no longer random and much more believable.”
Grant Thornton stressed that “the risk extends beyond TV devices” and warned that low-cost Internet of Things (IoT) gadgets are becoming increasingly common in Irish homes, often with minimal built-in security.
Shortt urged households to take a proactive stance on home cybersecurity, recommending “basic steps such as changing default passwords on all smart devices and routers”.
He also advised consumers to purchase devices only from reputable brands and trusted vendors to reduce the risk of compromise.
