Security researchers found malware in popular Android-powered TV set-top boxes sold on Amazon.
Daniel Milisic found the All-Winner T95 set-top box he bought last year was communicating with command-and-control servers and awaiting instructions, as part of a global botnet of other malware-compromised Android TV boxes.
Milisic said a clickbot comprises the malware's default payload; once the TV boxes are powered on, the preloaded malware contacts a command-and-control server, acquires instructions to obtain the required malware, and draws additional payloads to the device that executes ad-click fraud.
Although the Internet company hosting those servers took them offline at Milisic's request, he cautioned that the botnet could return with new infrastructure.
Malware also is preloaded onto several other AllWinner and RockChip Android TV models, while Milisic said holding retailers to a higher standard is the only solution.
View Full Article
Abstracts Copyright © 2023 SmithBucklin, Washington, DC, USA
No entries found