Thousands of Android Devices Come With a Hidden Backdoor
Your cheap Android TV streaming box might be facilitating cybercrime.
Oct 9: New research suggests your Android TV streaming box might be facilitating cybercrime.
In January, a researcher discovered his inexpensive Android TV streaming box purchased on Amazon, concisely named the T95, was infected with malware before he ever took it out of the box, with multiple other researchers confirming his findings.
This week, cybersecurity firm Human Security shared a little more about this issue, notably how many devices are infected, Wired reports.
The company found seven Android TV boxes and one tablet with backdoors installed, and the group found signs that 200 different models of Android devices might potentially be impacted, the magazine reports.
Specifically, the devices in question are the T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G, and a tablet J5-W. The devices are often sold unbranded or under different names, often making them hard to locate.
When you plug the device in, it downloads a set of instructions from China and starts “doing a bunch of bad stuff,” researchers say, ranging from creating fake Gmail and WhatsApp accounts using your connection to selling access to your home network to others.
There’s also an app-based element to the issue, with apps that people may have unknowingly downloaded onto their devices. Google removed many of the impacted apps from Google Play following Human Security’s report.
According to the company’s research, the ads involved were making 4 billion ad requests per day, with 121,000 Android devices and 159,000 iOS devices impacted. The infected apps had been downloaded an estimated 15 million times.
The malware for the set-top boxes in particular is difficult if not impossible to remove.
As for what you can do to protect yourself, the largest piece of advice is to buy devices from brands you know and trust. While you can save a few bucks by buying a brand-free device, you might be getting a little more than you bargained for.
(PCMag)
Leave Comment