Cheap Android TV boxes on Amazon feature Malware, cites a new report

Share

Most of the readers must have seen cheap Android TV boxes on sale across online retailers such as Amazon, and even some might have bought those out of curiosity. However, according to a new report on TechCrunch (Via Daniel Milisic), these kind of boxes are carrying malware which are capable of launching coordinated cyberattacks.

android tv 12 is now officially out, but there's a catch

Must See: Xiaomi TV Stick 4K Officially Launched: Supports AndroidTV 11 and AV1

Especially, the AllWinner and RockChip Android TV boxes have been found operating ad-click fraud besides providing the users some exciting features at cheap rates. These boxes have massive sales on Amazon due to their highly customizable firmware that allows streaming multiple services, which are usually paid for and used separately via different devices.

cheap android tv boxes on amazon feature malware, cites a new report

Android TV Boxes malware – Modus Operandi

As per Daniel Milisic, who owns the AllWinner T95 set-top box a last year and later found that it was infected with malware. The set-top box was communicating with command and control servers leading to ad-click fraud. Upon further introspecting the issue, he found that his set-top box was connecting to a larger botnet of malware-infected Android TV boxes.

Interestingly, the malware carried clickbot as the default payload and was clicking ads behind the curtains. The malware gets active once the power is supplied, and starts awaiting the command from the control server. The complex design of malware easily allowed the preparators to push any payload easily.

Confirming the findings by Daniel Milisoc, the EFF security researcher Bill Budington suggested “throwing the box out altogether”, as it is quite complex to fix it by a normal user.

Upon confirmation about the botnets, and aggregating appropriate proofs, Daniel contacted the company which was hosting the control servers. the company took notice and shit down the ad-click malware servers.

However, as per Milisic and Budington, these botnets can always come back in any other form. So it is always advised to buy items after rigorous thinking.

Related: Advertisements on Google TV and Android TV becoming more frequent and diverse

AllWinner and RockChip didn’t comment on the situation, meanwhile, Amazon declined to confirm any inspection being done on such products before selling them.

Simranpal Singh
Simranpal Singh
With a decade-long journey in the tech industry, I've been actively engaged in tech reporting across various reputable publications. He is Web Developer by profession at RightNode Media and pursues his hobby of writing on GChromecast Hub. Enjoy travelling, and always excited about new tech trends. He actively contributes on GizmoChina and GoAndroid.

Read more

Local News

Google TV Streamer’s Home Panel Now Accessible on Older Devices

Great news for Chromecast and Google TV users. Google is slowly introducing new Google TV Streamer features to older devices. Earlier this month, users...

Google Unveils ‘Hold Close to Cast’ Feature for UWB Pixel Phones and Tablets

In the era of streaming, moving media between devices has become simpler, and with Google’s new “Hold close to cast” feature currently available on...

Pixel 6 Devices Hit by Bricking Issue After Android 15 Update

It has been almost a week since Google started releasing the Android 15 update for Pixel devices. The new Android 15 has several improvements...

Google Photos rolled out desktop folder backups

Google Photos just launched an amazing new feature that lets users easily back up folders from their PC to the cloud directly through its...