Smart TVs running older versions of Android are vulnerable

Jan 7, 2016 22:30 GMT

Smart TVs running older versions of the Android operating system are being infected with malware via side-loaded apps installed from unofficial app stores, Trend Micro researchers have discovered.

According to Trend Micro's team, infections occur via applications downloaded from a series of sites run under the H.TV brand. These are websites that offer applications specifically built for Android smart TVs that allow users to watch TV channels from other regions of the globe.

The legality of these apps is a different matter, but users who choose to install them may have a bigger problem on their hands, which is the ANDROIDOS_ROOTSTV.A malware.

Cybercrooks are making a profit by pushing unwanted apps to your TV

This malware strain exploits an older Android vulnerability that allows attackers to gain elevated privileges on the device and use this advantage to secretly download and install unsolicited applications. Regardless of whether these later-stage applications are malicious, the cybercrooks behind this campaign are making a profit from pay-per-install Android app affiliate programs.

The vulnerability, CVE-2014-7911, affects all Android versions from Cupcake 1.5 to KitKat 4.4W.2. Because smart TV hardware is less powerful than that of modern-day smartphones, manufacturers often run older versions of the Android OS on these devices.

According to Trend Micro, smart TV brands that use older Android versions and put their users in harm's way include Changhong, Konka, Mi, Philips, Panasonic, and Sharp. By doing so, these TV makers are unwittingly exposing users to all the flaws that the Android infosec community has worked so hard to fix.

Not the first time smart TV security has been slammed by security researchers

It was only a matter of time until actual Android malware was detected on smart TVs, and we didn't have to wait long. Last November, a security researcher from Symantec ran an experiment to see how hard it would be to remove Android ransomware, usually found on smartphones, from a smart TV running the Android OS.

While his experiment proved this to be almost impossible for someone with little knowledge of the inner workings of ransomware and the Android OS, the ANDROIDOS_ROOTSTV.A malware is the first case of malware specifically built to target smart TVs. Previously, there were cases of malware on smart TVs, but most of it was malware built to target smartphones that reached someone's TV by accident.

To avoid getting infected with ANDROIDOS_ROOTSTV.A, smart TV owners should stay away from these sites:

► http://pf3a[.]res4f[.]com
► http://www[.]htvmarket[.]com
► http://mak[.]wak2p[.]com
► http://wh[.]waks2[.]com

Trend Micro reports that most users visiting these sites are located in the US and Canada.
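
For anyone who runs the DNS resolver on their home or office network, the four sites listed above can also be checked against query logs to see whether a TV has already contacted them. The following is an added example, not code from Trend Micro or from this article; it assumes dnsmasq-style `log-queries` lines, the sample log lines are constructed, and matching subdomains of the listed hosts is an assumption that goes beyond the article's list.

```python
import re

# Indicators exactly as the article lists them (defanged).
DEFANGED = [
    "http://pf3a[.]res4f[.]com",
    "http://www[.]htvmarket[.]com",
    "http://mak[.]wak2p[.]com",
    "http://wh[.]waks2[.]com",
]

def refang_host(indicator):
    """Turn 'http://a[.]b[.]com' into the bare lowercase hostname 'a.b.com'."""
    host = indicator.replace("[.]", ".").split("://", 1)[-1]
    return host.split("/", 1)[0].rstrip(".").lower()

BLOCKED = {refang_host(i) for i in DEFANGED}

# dnsmasq 'log-queries' line: "... query[A] <name> from <client-ip>"
QUERY_RE = re.compile(r"query\[[A-Z0-9]+\]\s+(\S+)\s+from\s+(\S+)")

def is_blocked(name):
    """True for a listed host or a subdomain of one (match on label boundary)."""
    name = name.rstrip(".").lower()
    return any(name == b or name.endswith("." + b) for b in BLOCKED)

def find_hits(log_lines):
    """Return (client, queried_name) pairs for queries to listed hosts."""
    hits = []
    for line in log_lines:
        m = QUERY_RE.search(line)
        if m and is_blocked(m.group(1)):
            hits.append((m.group(2), m.group(1).rstrip(".").lower()))
    return hits

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "Jan  7 22:31:02 dnsmasq[812]: query[A] www.htvmarket.com from 192.168.1.50",
    "Jan  7 22:31:05 dnsmasq[812]: query[A] WH.WAKS2.COM. from 192.168.1.50",
    "Jan  7 22:31:09 dnsmasq[812]: query[AAAA] cdn.pf3a.res4f.com from 192.168.1.77",
    "Jan  7 22:31:12 dnsmasq[812]: query[A] notwh.waks2.com from 192.168.1.20",
    "Jan  7 22:31:15 dnsmasq[812]: reply www.htvmarket.com is 203.0.113.10",
    "Jan  7 22:31:20 dnsmasq[812]: query[A] example.org from 192.168.1.20",
]

if __name__ == "__main__":
    for client, name in find_hits(SAMPLE_LOG):
        print(f"{client} queried {name}")
```

The client address in each hit identifies which device on the network made the query, which is the starting point for checking that TV's installed apps.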

At this point, installing a mobile antivirus app on your Android TV (from the Google Play Store) may be an excellent idea.
