Thousands of Cheap Android TV Devices Infected with Malware

Thousands of people who own cheap Android TV streaming boxes have unwittingly become victims of a massive fraud scheme. Security researchers at Human Security have uncovered a hidden network of fraud schemes linked to these infected devices, which are in homes, businesses, and schools across the US.

The infected devices, including seven Android TV boxes and one tablet, were found to have a firmware backdoor installed, allowing them to access apps installed on the devices and communicate with servers in China. The fraud schemes associated with these devices include advertising fraud, the creation of fake accounts, and remote code installation. Additionally, residential proxy services were being sold by the group behind the scheme, claiming access to over 10 million home IP addresses and 7 million mobile IP addresses.

Furthermore, a related ad fraud operation called Peachpit, involving 39 Android, iOS, and TV box apps, was also discovered. This operation involved hidden advertisements, spoofed web traffic, and malvertising, resulting in billions of ad requests per day.

While Human Security and other security firms have taken action against these fraud schemes, the infected devices are still present in people’s homes and networks. The best advice for consumers is to buy branded devices from trusted manufacturers and to be cautious about connecting unknown IoT devices to their home networks.

Source: Your Cheap Android TV Streaming Box May Have a Dangerous Backdoor