Beware: Many No-name Android TV Boxes Come With Hidden Backdoor
In case you aren’t aware, it’s not always a good idea to buy a no-name device from shady sellers on the Internet. These devices, while dirt cheap, may come with bad surprises: namely, malware. As the cybersecurity firm Human Security found out, the problem is a lot more prominent than it seems.
It all started this January, when security researcher Daniel Milisic found that a cheap streaming box named T95 came loaded with malware right out of the box, a finding subsequently verified by various other researchers.
Human Security discovered backdoors installed on seven TV box models (T95, T95Z, T95MAX, X88, Q9, X12PLUS, and MXQ Pro 5G) and a single tablet (J5-W), all built in China, with potentially up to 200 different devices impacted. All of these no-name models can easily be rebranded as something else, which makes them difficult for most people to spot.
“Unbeknownst to the user, when you plug this thing in, it goes to a command and control (C2) in China and downloads an instruction set and starts doing a bunch of bad stuff,” said the researchers. A command and control server, or C2, is the centralized system through which hackers and malicious actors can remotely access and control compromised devices.
This works by infecting a device and having it actively connect to a server or domain that the hacker controls: essentially, an invisible remote control for the hackers. Removing the malware, while not impossible, proved difficult.
It’s worth reminding once again that buying these cheap, no-name Android TV boxes is pretty much a high-risk affair. The researcher says, “friends don’t let friends plug in weird IoT devices into their home networks.”
Source: PCMag
Pokdepinion: Buy reputable ones if you need a TV box, people.