New research from Doctor Web has claimed some cheap Android TV boxes are serving secondary functions as hosts for the Mirai trojan, and some customers might not even be up to anything dodgy to have deserved the attack.
This follows news just a few months ago that another wave of malware was affecting budget Android boxes (via Tom’s Guide). This time, the same AllWinner and RockChip-based devices are being affected – both models belong to Chinese companies.
Affected models – Dr Web mentions Tanix TX6 TV Box, MX10 Pro 6K, H96 MAX X3 – now look to be giving up some of their processing power to carry out DDoS attacks or launching clickbots by advertisers to facilitate ad fraud.
Android TV boxes are popular because they are very cheap – often costing less than $20 – and offer a similar feature set to Windows PC.
You don’t know what your cheap Android TV box could be up to
According to Doctor Web, malware can arrive on an unsuspecting victim’s device in one of two ways. It can either be pushed via a firmware update directly from a manufacturer or can be downloaded unknowingly by a user.
In the case of the latter, a user may visit websites and streaming services that promise to deliver content for free, which often promises to be ‘unlocked’ by downloading certain files. It is, of course, these files that end up transporting malware to a host device.
While challenging the monopoly of the dominating companies is an important part of consumerism, hence the broad array of devices available that use the Android Open Source Project (AOSP) platform to access digital content, it’s generally a good idea to be weary of any alternatives from unknown manufacturers. Frankly, abusing consumers’ trust by pushing malware via firmware updates is immoral at the very least.
However, there are some more proactive steps that TV streaming fans can take to protect themselves online. This includes ensuring that the source of a download is reputable and being weary of promises that sound ‘too true.’
