Android TV Boxes with Malware

I've recently read a few articles about Android TV boxes that have malware or 'backdoors' installed on them.

These articles go on to say these boxes allow groups to undertake fraudulent activity.

I was trying to understand what the risks were for the users of these boxes, but I found the explanations to be a bit technical for me. Could someone help explain in simpler or 'layman's' terms?

Here are a couple of extracts and the article links:

"Here's how the scheme works. The devices are built in China, where, at some point in the commercial supply chain before they're delivered to resellers or stores, a malware-based firmware backdoor is installed. The backdoor is built on Triada malware, a "downloader" whose main purpose is to establish a backdoor through which other malicious programming can be downloaded and installed. Dubbed Badbox infections, these backdoors are linked to a global network of fraud and cybercrime.

Hackers then use this access to compromised devices to execute multiple types of fraud, including advertising fraud, the creation of fake Gmail and WhatsApp accounts and remote code installation, Human Security's report explains. The group behind the scheme is selling access to residential networks commercially and claims to have access to millions of mobile IP addresses."

https://www.tomsguide.com/news/thousands-of-android-tv-boxes…

"A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.

Bigpanzi infects the devices via firmware updates or backdoored apps the users are tricked into installing themselves, as highlighted in a September 2023 report by Dr. Web.

The cybercriminals monetize these infections by turning the devices into nodes for illegal media streaming platforms, traffic proxying networks, distributed denial of service (DDoS) swarms, and OTT content provision."

https://www.bleepingcomputer.com/news/security/bigpanzi-botn…

Are these articles saying that if you use these boxes your home network is open for use by external parties? Are other devices on the network also exposed?

Comments

  • +2

    Android TV Boxes with Malware

    What kind of malware are you after?

  • +1

    Are these articles saying that if you use these boxes your home network is open for use by external parties? Are other devices on the network also exposed?

    Yes and quite likely Yes

  • +1

    Is there a way to flash these boxes and install own OS?

  • Are these articles saying that if you use these boxes your home network is open for use by external parties?

    boxes that have the malware, yes.

    If you got given a laptop from a friend riddled with viruses and kept using it on your network. Ultimately it's using your network to do things unsolicited.

  • +1

    Are these articles saying that if you use these boxes your home network is open for use by external parties?

    Yep - ET call home.

    Are other devices on the network also exposed?

    Once you have a device inside your firewall, it can be used to probe other vulnerable or unsecured devices and possibly compromise them as well.

  • -1

    I'd say that the article has political motives to scare people from buying Chinese products

    • +2

      Can't believe people still get sucked into random news like this. It's the oldest type of article.

      Zero credibility and zero proof and suddenly everyone believes it but nobody puts the same onus the other way, who's at the other end of the article.

      Remember those Logitech hacks everyone got scared of? LOL

      • RIGHT, because cybercrime is a myth

  • Buy a dumb TV and use Google Chromecast or Amazon equivalent only

    or buy a good reputable brand TV that won't have stuff like that (Samsung, LG, Sony, Panasonic, Soniq, Hisense, Bauhn). Some of these don't make a good quality TV, but they won't come with spyware or malware by default, though.

  • -1

    found this article, which I found understandable in relation to what these boxes may be doing in the background

    https://techcrunch.com/2023/05/18/popular-android-tv-boxes-s…

  • +1

    Better off configuring your own IPTV service than trusting a random Android box for pirate TV.

    • Is there an easy way? I set one up for my parents and it was a pretty streamlined process.

      • Dunno, I still download stuff individually like it was the Middle Ages.

      • what service are you using?

        • I got the A3 from eBay. Comes with a bunch of apps on their app store. It ended up being easier than mucking around with apps myself and teaching my tech-illiterate parents.

  • +1

    Even major brand laptop vendors have had malware issues over the years; it doesn't surprise me in the slightest that random Chinese Android boxes do.

    If you don't know what you're plugging into your network, don't plug it into your network.

  • Nvidia Shield with Real-Debrid is probably pretty safe.

  • It's not just Android TV boxes.

    Do you realise why refurb companies have so many keyboards at cheap prices? That is because the government does not allow Lenovo keyboards/equipment into the system.

    Ironically, they are sold by a refurb company but they have literally not been used.

    So are you more likely to have malware from that type of keyboard which is specifically manufactured for government use? Maybe, that's the risk you take when you buy those keyboards, but it is very unlikely the Chinese government will drain your bank account when they can just print money from thin air.

  • Linus Tech Tips - STOP Buying ANDROID TV Boxes!
    https://www.youtube.com/watch?v=1vpepaQ-VQQ
