Free Video Downloader

Fast and free all in one video downloader

For Example: https://www.youtube.com/watch?v=OLCJYT5y8Bo

1

Copy shareable video URL

2

Paste it into the field

3

Click to download button


Popular Android TV boxes sold on Amazon are laced with malware
May 19, 2023

Popular Android TV boxes sold on Amazon are laced with malware

Reading Time: 2 minutes

AllWinner and RockChip might not be household names, but the two China-based companies power several wildly popular Android TV boxes that are sold on Amazon.

These Android-powered television set-top boxes are typically cheap and are highly customizable, packing several streaming services into a single device, rather than buying separate hardware. Their listings on Amazon boast four-out-of-five star ratings and collectively racked up thousands of praiseworthy reviews.

But security researchers say the models are sold preloaded with malware capable of launching coordinated cyberattacks.

Last year, Daniel Milisic bought an AllWinner T95 set-top box and discovered the chip’s firmware was infected with malware. Milisic found that the Android-powered set-top box was communicating with command and control servers and awaiting instructions on what to do next. His ongoing investigation, which he published on GitHub, found that his T95 model was out-of-the-box connecting to a larger botnet of thousands of other malware-infected Android TV boxes in homes and offices across the globe.

Milisic said the malware’s default payload is a clickbot, essentially code that generates ad money by surreptitiously tapping on ads in the background. After the affected Android TV boxes are powered on, the preloaded malware immediately contacts a command and control server, obtains its instructions of where to find the malware it needs, and pulls additional payloads to the device that carries out the ad-click fraud.

EFF security researcher Bill Budington independently confirmed Milisic’s findings after also buying an affected device from Amazon. Several other AllWinner and RockChip Android TV models are also preloaded with the malware, including the AllWinner T95Max, RockChip X12 Plus, and RockChip X88 Pro 10.

Botnets are usually made up of hundreds, if not thousands or millions, of compromised devices around the world. The operators behind the botnet can use this vast malicious network for mining cryptocurrency on an affected device, stealing data (if any) from the device or the network it’s connected to or harnessing the collective internet bandwidth from these devices to pummel other websites and internet servers with junk traffic, known as a distributed denial-of-service attack, knocking them offline.

Milisic asked the internet company hosting the command and control servers that dished out instructions to the wider botnet to pull those servers offline, and the servers hosting the ad-click malware disappeared a short time after. He warned, though, that the botnet could come back at any time with new infrastructure.

Milisic and Budington note that there’s no easy way to remove the malware for the average user. Throwing out the box altogether might be the best option for affected users.

AllWinner and RockChip did not return requests for comment.

There has been a push in recent years to improve the standards of hardware security. The Biden administration said it plans to roll out a labeling system for internet-connected devices this year as part of efforts to encourage device makers to improve their device security, such as adding update mechanisms to patch security flaws. In 2018, California passed a law that bans internet-connected devices from using default and easy-to-guess passwords, which bad actors often use to hack into devices and ensnare them into a botnet.

At the time of writing, the affected AllWinner and RockChip models are still available for sale on Amazon.

Reference: https://techcrunch.com/2023/05/18/popular-android-tv-boxes-sold-on-amazon-are-laced-with-malware/

Ref: techcrunch

MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG

Leave a Reply

Your email address will not be published. Required fields are marked *