According to a report from TechCrunch, several security researchers discovered preloaded malware on popular Android TV boxes, which is concerning. An ongoing investigation by Daniel Milisic has found that the Android TV boxes sold by ALLWinner and RockChip contain malware.
The companies' TV boxes have become popular on Amazon due to the low price and many 5-star ratings. Milisic purchased an AllWinner T95 on Amazon last year and found it infected with malware. This experience, and the fact that the device is labeled an "Amazon Choice," prompted Milisic to investigate.
Researchers findings
Milisic found that the T95 was connected to a larger botnet of thousands of other infected Android TV boxes across the globe. The malware installed on the boxes is called clickbot. It is designed to secretly tap on ads in the background to generate revenue. Once the affected Android TV boxes are switched on, the malware contacts the command-and-control server, gets instructions, and pulls additional payloads to the device to carry out the ad-click fraud.
His findings were confirmed by security researcher Bill Budington who purchased the same T95 Android TV box from Amazon, as well as one from RockChip, and found they both came with preloaded malware. During his independent research, Budigton found that the AllWinner T95Max, RockChip X12 Plus, and RockChip X88 Pro 10 all came with preinstalled malware.
Why is there malware preinstalled?
Milisic said that Amazon should be holding retailers and makers to a higher standard. "They’re not allowed to sell children’s toys made out of spinning razor blades, why is it OK to let small, unknown vendors sell computers acting maliciously without owners’ knowledge and permission?” Milisic wondered.
The offenders, ALLWinner, RockChip and even Amazon, have not responded to the findings. In a world that lacks accountability, are we surprised? Our suggestion at this point is if you're going to buy an Android TV box, purchase one from a well-known brand like Nvidia, or Google. It seems like a good idea to stay away from cheaper Android TV boxes. As they say, you get what you pay for.
