That Android TV we love is not something new, since Google’s operating system for devices connected to the television is very complete and allows us to access the wide range of applications through the Play Store. In addition, we have quite a few options to choose from despite the fact that it is not without its flaws.
However, the cheapest Android TV TVs and devices come from Chinese manufacturers, which face a tough problem: the malware. Attention if you have an Android TV with any of these processors, as you could be exposing your information.
The gateway is the processor
Maybe you read the names AllWinner or RockChip and don’t know what we’re talking about. Well, they are about two processor manufacturersmainly aimed at cheap Android TV devices that take over electronic stores like Amazon.
Probably, if you enjoy Android TV on a device with these characteristics, you have been guided by the many positive reviews that users leave online. Actually, they are enough devices to enjoy streaming platforms but now we know that they were hiding a secret.
These, according to security researchers echoed by TechCrunch, come preloaded with a malware with the ability to launch coordinated attacks. It all started when a user, daniel milisicdiscovered how its AllWinnet T95 chip-based set-top box communicated with command and control servers, waiting for instructions on what to do next.
Posted on GitHubshowed how his model was connected to a network of bots along with thousands of other Android TV devices from around the world. According to the user, the malware is nothing more than a clickbotthat make money with ad clicks. Everything happens in the background, so we would not see this activity. Thus, these Android TVs connected to the servers, just when turned on, to obtain instructions from the malware, causing fraudulent use.
The problem lies not only in the detected behavior, but if they wanted to, “authors can send any payload”, changing the running task. Another security researcher, attached to the EFF (Electronic Frontier Foundation) Maintains that other similar devices also contain the malwaresuch as the AllWinner T95Max, RockChip X12 Plus.
As users, we cannot remove this virus or malware. If you suspect that your device is being affected, it is best to stop using it.
The actual size of this is unknown. botnet, but we do know that it is possible to use it for other malicious purposes: cryptocurrency mining, data theft, and taking advantage of users’ bandwidth to bombard websites. Milisic managed to shut down the malware control servers by contacting the ISP. Of course, he warns that this can “return at any time with new infrastructures.”
For the average user, there is no easy way to remove this malwareTherefore, disposing of these boxes that contain Android TV could be a good option. From here, the corrective measures would go through “requiring vendors to be more demanding.”
Via | TechCrunch
In Xataka Android | TVs with Android TV and little space: this is what streaming apps occupy