[ad_1]
Android TV boxes are a popular way for users to revive their old TVs and prolong their lifetime by converting them into smart ones. However, according to a new report from TechCrunch, popular Android TV boxes from Chinese companies like AllWinner and RockChip come preloaded with malware capable of launching coordinated cyberattacks.
Security researcher Daniel Milisic first uncovered this problem when he purchased an AllWinner T95 box last year and discovered that the firmware was infected with malware, which enabled bad actors to establish a connection with the TV box and install any desired app or payload. While not as well-known as Google’s Chromecast or Amazon’s Fire TV Stick, these Chinese Android TV boxes have received positive reviews due to their affordable price and advertised features.
How does the malware work?
The default payload found on these compromised Android TV boxes is clickbot, a type of malware that generates revenue by automatically clicking on ads in the background. Therefore, as soon as a user powers on their TV, the malware receives instructions from servers and starts making money.
However, upon further investigation, Milisic also discovered that his T95 box was part of a larger botnet comprising thousands of compromised Android TV boxes worldwide. In addition to the AllWinner T95, other models from AllWinner and RockChip, such as the AllWinner T95Max, RockChip X12 Plus, and RockChip X88 Pro 10, also come with pre-installed malware.
Stay protected
While the investigation did prompt the bad actors to take down the command-and-control servers, Milisic claims that the botnet could easily resurface with new infrastructure at any given time. Therefore, it is the responsibility of retailers like Amazon to ensure that the products they sell do not pose any harm to consumers. On the other hand, users should also exercise caution before purchasing an Android TV box from Amazon and, if possible, only consider reputable brands like Google and Nvidia. Although cheaper options may seem tempting due to their affordability and customization options, compromising data security and privacy is not worth the risk.
[ad_2]
Source link