Your browser is not Javascript enable or you have turn it off. We recommend you to activate for better security reasonNew malware infects Chinese Android TV boxes - FlatpanelsHD

New malware infects Chinese Android TV boxes

11 Sep 2023 | Rasmus Larsen |

It was revealed in May 2023 that popular Chinese TV boxes built on mobile Android (AOSP) come preloaded with malware. A new malware botnet has now been discovered.

The new Mirai malware botnet, discovered by Dr. Web's antivirus team and reported by BleepingComputer, targets Android boxes sold through minor and major retailers. There are said to be millions of these boxes in active use.

- "The primary targets of this campaign are low-cost Android TV boxes like Tanix TX6 TV Box, MX10 Pro 6K, and H96 MAX X3, which feature quad-core processors capable of launching powerful DDoS attacks even in small swarm sizes," reported BleepingComputer.

H96 MAX X3

Tanix TX6 and H96 MAX X3

The boxes are not powered by Android TV (or Google TV) certified by Google but instead mobile Android, or Android Open Source Project (AOSP) to be exact. This allows the manufacturer of the box to modify the software and change the user interface, as opposed to officially licensed Android TV and Google TV boxes that share the same user interface as mandated by Google.

Pre-loaded or from malicious apps

Dr. Web claims that the malware arrives on the boxes in one of two ways: Either pre-loaded by the manufacturer or via malicious apps related to pirated content. - "In the first case, those firmware updates are either installed by resellers of the devices or the users are tricked into downloading them from websites that promise unrestricted media streaming or better compatibility with a broader range of applications," the report said. "The second distribution channel is pirated content apps that promise access to collections of copyright-protected TV shows and movies for free or at a low fee." Some of the same boxes – from AllWinner and RockChip – were in May 2023 discovered to come pre-loaded with malware, which is running a clickbot to generate ad money by tapping on ads in the background. Also read: Google responds to reports of malware in Android TV boxes Once again, it was advised to only buy and use officially certified Android TV and Google TV boxes such as Chromecast or Nvidia Shield, or to switch to another platform such as Apple TV, Roku or FireTV. - Source: BleepingComputer

Sign up for FlatpanelsHD's newsletter

The latest news, in-depth articles, reviews, and exclusives in your inbox.

Latest news

TCL S4 Fire TV

TCL adds more Fire TVs to its line-up in the US

21 Sep 2023 | Rasmus Larsen |
Fire TV Stick 4K Max

Amazon launches faster Fire TV Stick 4K Max with WiFi 6E, 2x storage

21 Sep 2023 | Rasmus Larsen |
Fire TV AI

Fire TV gets an AI boost for conversational voice search and art

21 Sep 2023 | Rasmus Larsen |
Assassins Creed Mirage Apple

A17 Pro chip paves the way for AAA console games on Apple TV

20 Sep 2023 | Rasmus Larsen |
LG Channels 23.0

LG rolls out revamped 'Channels' app for free ad-supported streaming content

20 Sep 2023 | Rasmus Larsen |

Chip for next-gen Google TV boxes and sticks revealed

20 Sep 2023 | Rasmus Larsen |
Xbox 2028

Microsoft's next-gen Xbox is planned for 2028

19 Sep 2023 | Rasmus Larsen |
2024 Xbox Series X

Redesigned Xbox Series X 2TB without a disc drive leaked

19 Sep 2023 | Rasmus Larsen |