1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Millions of Android streaming boxes hit by damaging malware

    From TechnologyDaily@1337:1/100 to All on Fri Sep 13 16:15:05 2024
    Millions of Android streaming boxes hit by damaging malware

    Date:
    Fri, 13 Sep 2024 16:01:00 +0000

    Description:
    Vo1d backdoor is compromising older streaming boxes powered by Android.

    FULL STORY ======================================================================

    More than a million TV streaming boxes running older versions of Android are currently infected with malware which could allow hackers to take over the devices, experts have warned.

    Cybersecurity researchers from Dr.Web recently discovered 1.3 million TV streaming boxes, powered by the Android Open Source Project, infected with a piece of malware called Vo1d.

    While the malware was said to grant the attackers total control over the infected instances, the researchers didnt discuss what they were actually
    used for. We can make an educated guess that theyre being added to a botnet, to be used for DDoS attacks. They can also be used as a way into the wider network, or as a way to install ad-serving apps. Messing with the firmware

    The victims are scattered all over the world, with the majority are located
    in Brazil, Morocco, Pakistan, Saudi ARabia, Russia, Argentina, Ecuador, Tunisia, Malaysia, Algeria, and Indonesia.

    One thing they all have in common is running an older variant of Android: Android 7.1.2; R4 Build/NHG47K, Android 12.1; TV BOX Build/NHG47K, and
    Android 10.1; KJ-SMART4KVIP Build/NHG47K.

    The researchers also dont know how these devices ended up being compromised
    in the first place, but they suspect firmware tampering.

    "One possible infection vector could be an attack by an intermediate malware that exploits operating system vulnerabilities to gain root privileges," Dr.Web noted. "Another possible vector could be the use of unofficial
    firmware versions with built-in root access."

    Reaching out to BleepingComputer , a Google representative pointed out that these devices are off-brand and not Play Protect certified Android devices.

    If a device isn't Play Protect certified, Google doesnt have a record of security and compatibility test results, they said. Play Protect certified Android devices undergo extensive testing to ensure quality and user safety. To help you confirm whether or not a device is built with Android TV OS and Play Protect certified, our Android TV website provides the most up-to-date list of partners.

    To remain secure, it would be best not to download shady TV boxes, keep your devices firmware up to date, and only install apps from vetted sources.

    Via BleepingComputer More from TechRadar Pro Thousands of Android TV boxes hit by dangerous new malware-dropping botnet Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/millions-of-android-streaming-boxes-hit -by-damaging-malware


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)