More than a million TV streaming devices running older versions of Android are currently infected with malware that could allow hackers to take control of the devices, experts have warned.
Cybersecurity researchers at Dr.Web recently discovered 1.3 million TV streaming devices, powered by the Android Open Source Project, infected with malware called Vo1d.
While the malware was said to give attackers full control over infected devices, researchers did not explain what the devices were actually used for. We can assume they are being added to a botnet for use in DDoS attacks. They could also serve as a foothold into the wider network or as a way to install apps that serve ads.
Playing with the firmware
The victims are spread across the globe, with the majority found in Brazil, Morocco, Pakistan, Saudi Arabia, Russia, Argentina, Ecuador, Tunisia, Malaysia, Algeria and Indonesia.
One thing they all have in common is that they run an older variant of Android: Android 7.1.2; R4 Build/NHG47K, Android 12.1; TV BOX Build/NHG47K and Android 10.1; KJ-SMART4KVIP Build/NHG47K.
Researchers also don't know how these devices were compromised in the first place, but they suspect firmware manipulation.
“A possible infection vector could be a man-in-the-middle malware attack that exploits operating system vulnerabilities to gain root privileges,” Dr.Web noted. “Another possible vector could be the use of unofficial firmware versions with built-in root access.”
Reaching out to BleepingComputer, a Google representative noted that these devices are not branded and are not Play Protect-certified Android devices.
“If a device is not Play Protect certified, Google does not have a record of safety and compatibility testing results,” they said. “Android devices certified with Play Protect undergo extensive testing to ensure quality and user safety. To help you confirm whether a device is built with the Android TV operating system and Play Protect certified, our Android TV website provides the most up-to-date list of partners.”
To stay safe, it would be best not to buy suspicious TV boxes, to keep your devices' firmware up to date, and to install apps only from verified sources.
Via BleepingComputer