AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Vo1d infections on Android TV boxes: how to protect your devices

Learn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

The Vo1d malware has infected approximately 1.3 million Android TV boxes in 197 countries, with concentrations in Brazil. This malware uses a backdoor to install malicious software. Play Protect certified devices are not infected. The source of the infection remains unknown.

This pill is also available in Italian language

Recently, the Russian software house Dr.Web highlighted an alarm affecting Android TV boxes: the Vo1d malware has compromised almost 1.3 million devices in as many as 197 countries. The distribution of infections is most concentrated in Brazil, which accounts for 28% of reported cases, followed by countries such as Morocco, Pakistan, Saudi Arabia, Argentina, Russia, Tunisia, Ecuador, Malaysia, Algeria, and Indonesia. This malware uses a backdoor to penetrate the storage memory, thus posing a considerable threat for any subsequent use for malicious purposes.

Technical details of the exploited vulnerability

Once in place, Vo1d is capable of stealthily downloading and installing third-party software, which increases the security risks for users exponentially. Although the affected devices are outdated versions of the Android operating system, the potential damage is still significant. Google promptly released a reassuring statement for users of Play Protect certified devices, highlighting that none of them were infected by the malware. Their certification involves rigorous security and quality tests, thus significantly reducing the likelihood of infection.

Devices at risk and preventive measures

Google also explained that the infected devices were not certified with Play Protect, highlighting the importance of certification to maintain a high level of security on Android devices. Most of the infections were found on systems that may be using unofficial versions of firmware or source code from the Android Open Source Project (AOSP). This finding underscores how crucial it is for users to always verify the certification of their device to avoid similar vulnerabilities.

Infected devices and Dr.Web interventions

The report by Dr.Web specifically mentions vulnerable Android TV box models such as KJ-SMART4KVIP (Android 10.1; KJ-SMART4KVIP Build/NHG47K), R4 (Android 7.1. 2; R4 Build/NHG47K) and TV BOX (Android 12.1; TV BOX Build/NHG47K). Dr.Web claims that its antivirus is effective in detecting and eliminating the Vo1d malware. The source of the infection remains unknown, although it is suspected that it may be related to previously discovered vulnerabilities that allow root access or the use of unofficial firmware with built-in root access. Continuous vigilance and preventive measures, such as using up-to-date antivirus software, are recommended to protect devices from such threats.

Follow us on Threads for more pills like this

09/18/2024 08:55

Marco Verro

Last pills

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon

Data breach: Fortinet faces new hack, 440GB of stolen informationFortinet under attack: hackers breach security and make information public. discover the details and the consequences for the privacy of involved users

Shocking cyber espionage discoveries: nation-state threatsHow state-of-state cyberwarfare is changing the game in the tech industry: Details and analysis of recent attacks

A new era for Flipper Zero with firmware 1.0Discover the revolutionary features of Flipper Zero firmware 1.0: performance improvements, JavaScript, and enhanced connectivity