The Android TV Boxes which mainly originate from China, hide many times malware which is capable of compromising user networks
A new report recently published by the cybersecurity firm Human Security, suggests that this security flaw may be more widespread than previously thought, as they have discovered more than 74.000 mobile phones, tablets and connected Android TV Boxes that are infected with malware, putting users' data and privacy at risk.
According to the report, most of the contaminated boxes Android TV Box are preloaded with the Triada malware, which is capable of performing a wide range of functions, including ad fraudOf creating fake accounts on platforms like the Gmail and WhatsApp and full access to home networks.
Additionally, the fact that this malware exists in more than 200 models Android TV Box of various manufacturers, indicates the magnitude of the threat.
Of all the models that have been found to carry infected software, the report mainly focuses on eight devices that have been released under the brand names T95, T95Z, T95MAX, X88, Q9, X12PLUS and MXQ Pro 5G, but also a tablet that was released under the trade name J5-W.
“This malware acts like one Swiss army knife which has the ability to cause many security gaps on the internet," said Gavin Reid, CISO of Human Security.
How does malware work?
While it is impossible to identify the exact method used by the threat actors to install the malware, it is clear that these infected devices are mainly manufactured in China and the software is loaded somewhere along the supply chain, possibly before the devices reach the end resellers .
These backdoors in security open and work once a user connects the device to their TV, and establishes a connection to a command and control server located somewhere in China, and then downloads a set of commands and starts the various malicious activities.
As explained by Reid, these "contaminated" Android TV Box they remain dormant until activated by some external commands received from those who control them remotely, and in this way Hackers can gain direct access to millions of mobile IP addresses, but also access all home networks and to the other "smart" devices present in a home and connected to the same network.
As stated by the security researcher Fyodor Yarochkin,
The bad thing is also that there is no easy way to remove this malware as well preloaded at the device Firmware level and they need special tools and specialized knowledge from the users to be able to get rid of it.
For this reason it is recommended to always buy branded products which are certainly more expensive, but you are not at risk of security gaps and malware.
Do not forget to follow it Xiaomi-miui.gr on Google News to be informed immediately about all our new articles! You can also if you use RSS reader, add our page to your list by simply following this link >> https://news.xiaomi-miui.gr/feed/gn
Follow us on Telegram so that you are the first to learn our every news!
