Attackers installing malware backdoors on cheap Android TV boxes
Researchers at Human Security have published a report detailing the scope of infected media streaming sticks and boxes.
According to the report, researchers found seven Android TV boxes and one tablet with backdoors installed that can lead to the devices being infected with malware.
“They’re like a Swiss Army knife of doing bad things on the Internet,” said Gavin Reid, chief information security officer at Human Security.
“This is a truly distributed way of doing fraud.”
Human Security split its research into two segments — Badbox and Peachpit infections.
Badbox infections relate exclusively to compromised Android devices and how they are linked to fraud and cybercrime. In contrast, Peachpit infections relate to advertising fraud in at least 39 Android and iOS apps.
The Team’s Badbox research noted eight devices with backdoors installed, including seven Android TV boxes: the T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro.
It should be noted that these devices are often sold unbranded or under different brand names, making it challenging to determine their source.
Human Security said its team observed at least 74,000 Android-based mobile phones, tablets, and TV boxes that show signs of Badbox infection.
The TV devices are built in China, and at some stage, before they reach the inventories of resellers, a Triada malware-based firmware backdoor is added to them.
Regarding the team’s Peachpit research, Google says it removed the 39 problematic apps from the Google Play Store, while Apple notes that it found issues in several apps.
Now read: WhatsApp getting built-in VPN protection for calls
Loading ...