Cheap Android TV boxes on Amazon feature Malware, cites a new report

Share

Most of the readers must have seen cheap Android TV boxes on sale across online retailers such as Amazon, and even some might have bought those out of curiosity. However, according to a new report on TechCrunch (Via Daniel Milisic), these kind of boxes are carrying malware which are capable of launching coordinated cyberattacks.

android tv 12 is now officially out, but there's a catch

Must See: Xiaomi TV Stick 4K Officially Launched: Supports AndroidTV 11 and AV1

Especially, the AllWinner and RockChip Android TV boxes have been found operating ad-click fraud besides providing the users some exciting features at cheap rates. These boxes have massive sales on Amazon due to their highly customizable firmware that allows streaming multiple services, which are usually paid for and used separately via different devices.

cheap android tv boxes on amazon feature malware, cites a new report

Android TV Boxes malware – Modus Operandi

As per Daniel Milisic, who owns the AllWinner T95 set-top box a last year and later found that it was infected with malware. The set-top box was communicating with command and control servers leading to ad-click fraud. Upon further introspecting the issue, he found that his set-top box was connecting to a larger botnet of malware-infected Android TV boxes.

Interestingly, the malware carried clickbot as the default payload and was clicking ads behind the curtains. The malware gets active once the power is supplied, and starts awaiting the command from the control server. The complex design of malware easily allowed the preparators to push any payload easily.

Confirming the findings by Daniel Milisoc, the EFF security researcher Bill Budington suggested “throwing the box out altogether”, as it is quite complex to fix it by a normal user.

Upon confirmation about the botnets, and aggregating appropriate proofs, Daniel contacted the company which was hosting the control servers. the company took notice and shit down the ad-click malware servers.

However, as per Milisic and Budington, these botnets can always come back in any other form. So it is always advised to buy items after rigorous thinking.

Related: Advertisements on Google TV and Android TV becoming more frequent and diverse

AllWinner and RockChip didn’t comment on the situation, meanwhile, Amazon declined to confirm any inspection being done on such products before selling them.

Simranpal Singh
Simranpal Singh
With a decade-long journey in the tech industry, I've been actively engaged in tech reporting across various reputable publications. He is Web Developer by profession at RightNode Media and pursues his hobby of writing on GChromecast Hub. Enjoy travelling, and always excited about new tech trends. He actively contributes on GizmoChina and GoAndroid.

Read more

Local News

Pixel 9 and Pixel 9 Pro launched with Tensor G4 SoC, pricing starts from $799

Google launches its flagship Pixel 9 series smartphones today. The Google Pixel 9 Series includes the Pixel 9, Pixel 9 Pro, Pixel 9 Pro...

Google TV Streamer vs Apple TV, which is better?

Recently, the search engine giant launched Google TV Streamer 4K. It replaces the decade old Chromecast with Google TV. Google TV Streamer 4K will...

Google TV Streamer 4K launched with $99.99 price tag, replaces Chromecast

Google today launched its latest streaming device called "Google TV Streamer". Now, the company officially replaces the Chromecast with Google TV with the new...

All new Table-Top streaming device reportedly called “Google TV Streamer”, Launch expected soon

Since late last year, there are some leaks and rumors about the Google's new streaming device. Till now Google's only streaming device is Chromecast....