Latest from Next TV in Malware

Android TV Devices Shipping With Pre-Installed Malware

daniel.frankel@futurenet.com (Daniel Frankel) — Fri, 19 May 2023 18:20:36 +0000

Inexpensive and popular Android TV streaming gadgets based on chip sets manufactured in China are reportedly arriving laced with malware out of the box after delivery from online retailers including Amazon.

The devices, marketed under brand names like T95Max, RockChip X12 Plus and RockChip X88 Pro 10, are based on system-on-a-chip hardware from AllWinner and RockChip.

Reports about cheap Android mobile devices being infected with malware aren't necessarily new, but the problem seems to have also quietly proliferated to the TVOS side of Google's business, with security researchers uncovering connected TV gadgets loaded with malware and ready to coordinate cyberattacks.

As first detailed by TechCrunch, Ontario, Canada-based IT pro Daniel Milisic published last year on GitHub his experience with a T95, which has a four-star rating on Amazon amid 744 reviews.

Milisic said the device began connecting out of the box with a botnet network of thousands of other infected Android TV gadgets around the world. The device, he said, immediately sought out a command and control server, which downloaded additional malware to his gadget.

The malware enabled the T95 to begin conducting ad-click fraud, clicking on ads in the background.

In his GitHub post, Milisic published the script he used to "defang" what he described as a "no good, awful, nasty little ARM-powered TV/hobby box."

Milisic's findings were confirmed by Electronic Frontiers Foundation security researcher Bill Budington in this report.

In an email to Next TV Friday, Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, said that in addition to ad fraud, the malware could be used to mine user data or cryptocurrency, among other malfeasance.

Next TV's query Friday to Google Android TV reps for a response wasn't immediately replied to.

Phishing/Hacking/Malware No. 1 Cause of Data Breaches

john.eggerton@futurenet.com (John Eggerton) — Wed, 30 Mar 2016 14:15:00 +0000

As an unsavory group, phishing, hacking and malware together comprised the number one cause of data security "incidents."

They caused 31% of all breaches, according to the second annual Data Security Incident Response Report from BakerHostetler, which analyzed more than 300 such incidents the law firm helped manage.

Rounding out the top five causes, in order, were employee actions/mistakes (24%), external theft (17%), vendor-related incidents (14%) and internal theft (8%). Just outside the top five, at 6%, was improper records disposal.

The study found that the average time between a breach and detection was in excess of two months (69 days), and in at least one case well more than a year. Almost a quarter (24%) of the breaches resulted in a regulatory inquiry, and litigation was begun in 6% of the cases.

More than half of the breaches (52%) were self-detected.

Aquaman Named ‘Most Toxic Superhero’

chelsea.anderson@futurenet.com (Chelsea Anderson) — Tue, 30 Jun 2015 19:15:00 +0000

Aquaman has been tagged as the number one superhero most likely to be associated with online threats such as spyware, viruses and other malware, according to Intel Security’s "Most Toxic Superheroes 2015" list, which also includes such characters as Wonder Woman, Catwoman and Batman.

As studios revive comic book superheroes for movies and TV series -- such as Batman vs. Superman: Dawn of Justice in March of 2016 and an "Iron Fist" series slated for release by Netflix -- -- users are more likely to search for online information about their favorite characters.

In turn, they are more likely to link to sites containing malware, Intel Security said. These types of threats could result in users having their personal information stolen. Robert Siciliano, online safety expert at Intel Security, writes in his blog about how comic book fans and other users can stay safe while reading up on Justice League's Aquaman and others.

Intel Security’s Top 10 Most Toxic Superheroes*:

1. Aquaman 20.00%

2. Iron Fist 19.69%

3. Wolverine 19.58.%

4. Wonder Woman 19.38%

5. Doctor Strange 19.17%

6. Daredevil 18.96%

7. The Incredible Hulk, Iron Man (tied) 18.85%

8. Catwoman 18.65%

9. Green Lantern 18.44%

10. Batman 18.33%

*% indicates chance of landing on a website that has tested positive for online threats such as spyware, adware, spam, phishing, viruses or other malware.

Survey: Pirate Sites Draw $200M-Plus in Ad Revenue

john.eggerton@futurenet.com (John Eggerton) — Tue, 19 May 2015 14:30:00 +0000

A survey of almost 600 websites identified as illegally offering TV shows and movies online found they generated $209 million in revenue last year from ads running adjacent to the pirated digital content.

The study, "Good Money Still Going Bad," from the Digital Citizens Alliance (DCA) and MediaLink, said the total is actually down from the $227 million total in the 2013 study, but DCA noted that since some four out of 10 of those sites had been shut down or "shrunk" between the studies, revenue for the two years was comparable.

“What this report shows is that content theft sites can make something while creating nothing while posing real dangers to Internet users who are subjected to malware and other viruses,” said Tom Galvin, DCA executive director, in releasing the latest findings. “Despite the intensified efforts of law enforcement and private industry, the content thieves had another banner year, and that’s bad news for both content creators and consumers who got their computers infected.”

The study found that a third of the sites included links with "the potential to infect users' computers with viruses and other malware."

It also found that the number of name brands with ads running alongside the stolen content had increased from 89 in 2013 to 131 in 2014.

The study was based on 589 sites with 25 or more Digital Millennium Copyright Act takedown requests in Q3 2014, not including porn sites, "hate" sites, sites with mostly user-generated content or sites where the content was not primarily TV and movies.

DCA does not divulge who provides its funding beyond identifying them as "private citizens; the health, pharmaceutical and creative industries; as well as online safety experts and other communities focused on Internet safety." But its mission is clearly to emphasize the impact of online piracy and safety on consumers.