Malware Android.Vo1d infects 1.3 million smart TV sticks globally
Security experts report the malware Android.Vo1d has affected nearly 1.3 million smart TV sticks running on the Android TV system. The issue is global, with infected devices detected in almost 200 countries.
Researchers from Dr. WEB have noted a vulnerability in Android TV's security. The malware Android.Vo1d, once it reaches the smart TV stick, can be remotely used by attackers to download and install additional third-party software or access the memory due to root access. According to Dr.WEB, the issue was detected in three models of smart TV sticks: R4 with Android 7.1.2, TV BOX with Android 12.1, and KJ-SMART4KVIP with Android 10.1.
Interestingly, in practice, the Android.Vo1d software consists of several modules responsible for different functions of the malware. For example, the Android.Vo1d.1 module is used to download, install, and control the operation of another module (Android.Vo1d.3), which in turn launches yet another module that can download external software, run executable files, and install APK packages.
In other words, the software's operation is complex and can lead to both theft of data from the smart TV stick (likely not very much), as well as carrying out other attacks. Let's not forget that such devices are usually connected to the home network and generally do not have frequently updated Android security. Thus, attackers have many opportunities once they successfully infect the device.
Researchers from Dr.WEB note that the source of the Android.Vo1d software is not yet known. It appears that the cause of successful infection of at least some Android TV sticks was user negligence. In some cases, infections were recorded on devices with Android TV 7.1, even though much newer versions of the system were available for those devices. Installing the latest updates could reduce the scale of the phenomenon.
