Your browser is obsolete!

The page may not load correctly.

Android territory

Туманность Андроида

Other issues in this category (20)
  • add to favourites
    Add to Bookmarks

A miner TV

Read: 693 Comments: 3 Rating: 7

Do you like to watch TV? If it’s an Android TV and you don’t have an anti-virus, you will probably want to familiarise yourself with a nice television trick criminals like to use to make money.

Hybrid Broadcast Broadband TV (HbbTV) devices are reported to have vulnerabilities that can be leveraged to gain remote unauthorised access to them. According to one of the authors of the research, German hacker Martin Herfurt of the company Nruns, the device’s browser can be directed to an arbitrary address or even used to run cryptocurrency mining code such as BitcoinPlus.

JavaScript code for mining bitcoin can be deployed on any page, so every site visitor who has the page opened in their browser will thus engage their system in mining.

https://xakep.ru/2013/06/06/60743

Of course, conventional TVs are in no danger, but smart TVs and consoles can access the Internet. And where there is Internet, there are JavaScripts; and where there are JavaScripts, there is code that can be executed on the user end.

Our readers already know what makes scripts so hazardous is the fact they are invisible. A user doesn't know how many scripts were loaded when they visited a site and what they are doing now. This provides attackers with tremendous opportunities.

Are you, perhaps, inclined to think that TV security has improved since 2013? Well, you couldn’t be more wrong!

"About 90% of all the smart TVs sold in recent years are vulnerable to attacks of this kind", security researcher Rafael Scheel said while talking about the new technique enabling attackers to infect the devices remotely. Even the CIA, which developed its own espionage software for TVs, assumed that for it to work, their agent first had to gain physical access to a TV. But the new technique lets criminals do that remotely using a $50-$150 DVB-T transmitter.

https://www.bleepingcomputer.com/news/security/about-90-percent-of-smart-tvs-vulnerable-to-remote-hacking-via-rogue-tv-signals/

#Аndroid #IoT #vulnerability #remote_access #anti-virus_scan #mining

Dr.Web recommends

Malicious files feel at ease in locations no one expects them to be. So TVs are quite suitable for mining. There are lots of them, mining software operates quietly, and if it does interfere with the picture, users are most likely to blame their service provider for any inconvenience.

Unfortunately, operating systems for smart devices don't offer flexible configuration. That's why currently an anti-virus is the only means of protection.

If there is no way to install an anti-virus on your device, but it is accessible over SSH, use Dr.Web for Linux to scan your TV remotely.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments