September 12, 2024 at 10:24AM
A new malware named Vo1d has infected nearly 1.3 million Android-based TV boxes in 197 countries. It acts as a backdoor, secretly installing third-party software when commanded by attackers. The infection’s source is unknown, but it is suspected to involve a prior compromise that allowed root access or unofficial firmware versions with built-in root access. Budget device manufacturers may be passing off older OS versions as newer ones.
Key takeaways:
– A new malware, Vo1d (also known as Void), has infected nearly 1.3 million Android-based TV boxes running outdated operating system versions in 197 countries.
– The malware acts as a backdoor, enabling the clandestine download and installation of third-party software when commanded by attackers.
– Most infections have been detected in Brazil, Morocco, Pakistan, Saudi Arabia, Argentina, Russia, Tunisia, Ecuador, Malaysia, Algeria, and Indonesia.
– The source of the infection is not yet known, but it is suspected to involve prior compromise allowing for root access or the use of unofficial firmware versions with built-in root access.
– Specific TV models have been targeted in the campaign, with the malware replacing system files and introducing new ones containing malicious code.
– The malware disguises its components as system programs and is designed to persistently run, download and execute files from a command-and-control server, and install APK files found in specified directories.
– The malware takes advantage of budget device manufacturers using older OS versions and passing them off as more up-to-date, which leaves the devices vulnerable to such attacks.