Your browser is not Javascript enable or you have turn it off. We recommend you to activate for better security reasonNew malware infects Chinese Android TV boxes - FlatpanelsHD

New malware infects Chinese Android TV boxes

11 Sep 2023 | Rasmus Larsen | 
It was revealed in May 2023 that popular Chinese TV boxes built on mobile Android (AOSP) come preloaded with malware. A new malware botnet has now been discovered.

The new Mirai malware botnet, discovered by Dr. Web's antivirus team and reported by BleepingComputer, targets Android boxes sold through minor and major retailers. There are said to be millions of these boxes in active use.

- "The primary targets of this campaign are low-cost Android TV boxes like Tanix TX6 TV Box, MX10 Pro 6K, and H96 MAX X3, which feature quad-core processors capable of launching powerful DDoS attacks even in small swarm sizes," reported BleepingComputer.



H96 MAX X3
 Tanix TX6 and H96 MAX X3

The boxes are not powered by Android TV (or Google TV) certified by Google but instead mobile Android, or Android Open Source Project (AOSP) to be exact.

This allows the manufacturer of the box to modify the software and change the user interface, as opposed to officially licensed Android TV and Google TV boxes that share the same user interface as mandated by Google.



Pre-loaded or from malicious apps
Dr. Web claims that the malware arrives on the boxes in one of two ways: Either pre-loaded by the manufacturer or via malicious apps related to pirated content.

- "In the first case, those firmware updates are either installed by resellers of the devices or the users are tricked into downloading them from websites that promise unrestricted media streaming or better compatibility with a broader range of applications," the report said. "The second distribution channel is pirated content apps that promise access to collections of copyright-protected TV shows and movies for free or at a low fee."

Some of the same boxes – from AllWinner and RockChip – were in May 2023 discovered to come pre-loaded with malware, which is running a clickbot to generate ad money by tapping on ads in the background.

 Also read: Google responds to reports of malware in Android TV boxes

Once again, it was advised to only buy and use officially certified Android TV and Google TV boxes such as Chromecast or Nvidia Shield, or to switch to another platform such as Apple TV, Roku or FireTV.

- Source: BleepingComputer

Sign up for FlatpanelsHD's newsletter

The latest news, in-depth articles, reviews, and exclusives in your inbox.

Latest news

Life of Pi 3D
'Life of Pi' director abandons 3D and HFR: "Whole ecosystem is bad"
26 Apr 2024 | Rasmus Larsen |
X TV
A sneak peek at the upcoming X (Twitter) app for Smart TVs
26 Apr 2024 | Rasmus Larsen |
Philips OLED909
Apple Home & AirPlay support for the first time in 2024 Philips OLED TVs
25 Apr 2024 | Rasmus Larsen |
480Hz OLED
First 480Hz OLED panel for high-end gaming enters mass production
25 Apr 2024 | Rasmus Larsen |
Culver City LED screen
Samsung LED screens replace projectors in new Hollywood HDR studio
25 Apr 2024 | Rasmus Larsen |
Sony One LG TV
LG debuts its first free channel plus Sony One channels on TVs in Europe
24 Apr 2024 | Rasmus Larsen |
State of UHD Blu-ray 2024
The State of Ultra HD Blu-ray in 2024
23 Apr 2024 | Yoeri Geutskens |
Meta Horizon OS
Meta is opening up its Horizon OS to other hardware makers
23 Apr 2024 | Rasmus Larsen |

Sitemap

Newsletter

Once or twice a week

Social Media