I've recently read a few articles about Android TV boxes that have malware or 'backdoors' installed on them.
These articles go on to say these boxes allow groups to undertake fraudulent activity.
I was trying to understand what the risks were for the users of these boxes, but I found the explanations to be a bit technical for me. Could someone help explain in more simple or 'layman's' terms?
Here are a couple of extracts and the article links:
"Here's how the scheme works. The devices are built in China, where, at some point in the commercial supply chain before they're delivered to resellers or stores, a malware-based firmware backdoor is installed. The backdoor is built on Triada malware, a "downloader" whose main purpose is to establish a backdoor through which other malicious programming can be downloaded and installed. Dubbed Badbox infections, these backdoors are linked to a global network of fraud and cybercrime.
Hackers then use this access to compromised devices to execute multiple types of fraud, including advertising fraud, the creation of fake Gmail and WhatsApp accounts and remote code installation, Human Security's report explains. The group behind the scheme is selling access to residential networks commercially and claims to have access to millions of mobile IP addresses."
https://www.tomsguide.com/news/thousands-of-android-tv-boxes…
"A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.
Bigpanzi infects the devices via firmware updates or backdoored apps the users are tricked into installing themselves, as highlighted in a September 2023 report by Dr. Web.
The cybercriminals monetize these infections by turning the devices into nodes for illegal media streaming platforms, traffic proxying networks, distributed denial of service (DDoS) swarms, and OTT content provision."
https://www.bleepingcomputer.com/news/security/bigpanzi-botn…
Are these articles saying that if you use these boxes your home network is open for use by external parties? Are other devices on the network also exposed?
What kind of malware are you after?