Beware: your Android TV is already infected in the box

We recently wrote about the increasingly common problem that people at OEMs, companies that produce telephones, televisions and other gadgets on behalf of large and small tech brands. Now there is more clarity about this problem.

TrendMicro

Trend Micro recently came to the conclusion during a conference that even before a product even leaves the factory, all kinds of malware are already installed on it. This is less likely to happen with a large brand like Samsung than with a smaller manufacturer, because they sometimes have fewer security checks or don’t have that much money to implement them.

Android devices already don’t have the best reputation when it comes to security, because sometimes an unsafe app wants to sneak in via the Google Play Store, and therefore also on many phones, but this is yet another way to get infected. To hit. It’s already in there from the assembly line. Trend Micro’s report states that 8.9 million phones from 50 different brands were infected with malware at the factory. This was initially discovered by Sophos, another security company, who dubbed the malware Guerrilla. And Guerrilla can also be found in 15 apps that are in the Play Store.

Related articles

Guerrilla

According to Trend Micro, Guerrilla opens a back door in your phone that other bad apps can use to install updates. Those updates ensure that the software can run off with your data. Trend Micro calls the people behind this bad platform Lemon Group. Guerrilla mainly installs aggressive advertising platforms that, among other things, ensure that your battery life deteriorates rapidly.

“While we have identified some of the things that Lemon Group does for big data, marketing and advertising companies, its main activity is the use of big data: Analyzing huge amounts of data and the associated characteristics of shipments from manufacturers, obtained various advertising content from different users at different times, and the hardware data with detailed software push. This will allow Lemon Group to monitor customers who may be further compromised with other apps to build on, such as focusing on only showing ads to app users from certain regions.”

AndroidTV

The United States, Mexico, Indonesia, Thailand and Russia in particular have many infected devices. They notice, for example, that WhatsApp messages are being sent to their loved ones to steal even more data and to infect those phones as well. TechCrunch specifically comes up with an example of infected television boxes. There are all kinds of television boxes (such as Android TV T95) for sale on Amazon that already contain malware in their box.

It’s bad that infected devices roll off the line, but it doesn’t happen by default. The well-known, large brands do not seem to be affected by this so far. However, it is now becoming increasingly clear that the problems exist and that means that action can be taken. Although it may sometimes be difficult to pick out those malicious people within those factories.

Worried that your sealed, new device might not be that secure after all? Leave it now in the comments.