A new malware called Vo1d has infected nearly 1.3 million Android-based TV boxes worldwide. This discovery has sent shockwaves through the cybersecurity community and raised concerns for smart home device users everywhere.
The infection spans 197 countries, with Brazil, Morocco, and Pakistan among the hardest hit. Vo1d targets specific TV box models, including KJ-SMART4KVIP, R4, and TV BOX. These devices run various versions of Android, from 7.1.2 to 12.1.
According to Arstechnica, Vo1d acts as a backdoor on infected devices. It sneaks its components into the system storage area and can secretly download and install other software when attackers give the command. The malware changes important system files to stick around and adds new files with malicious code.
“It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software,” Russian antivirus vendor Doctor Web stated in a report.
Surprisingly, researchers still don’t know exactly how Vo1d infects these TV boxes. They think it might use another malware to exploit system weaknesses or take advantage of unofficial firmware with built-in vulnerabilities.
If you own an Android TV box, you should take steps to protect yourself. PCMag recommends keeping your device’s software up to date, avoiding unofficial firmware, and considering using antivirus software designed for Android TV. It’s also crucial to check if your device is Google Play Protect certified, which means it’s undergone rigorous safety testing.
Hackernews points out that Google has clarified that the infected devices aren’t running certified Android TV. Instead, they use the Android Open Source Project, which doesn’t go through the same strict safety checks.
As smart home devices become more common, we’ll likely see more attacks like this. Staying informed and taking simple precautions can go a long way in keeping your devices and data safe.