Android users warned over ‘170,000 daily active bots’ attempting to infect your device and make ‘significant money’

EXPERTS have warned about malicious bots infecting fake Android TV boxes.

Cybersecurity researchers uncovered a new Mirai malware botnet variant infecting illegitimate Android TV set-top boxes.

1

The malware, named ‘Bigpanzi’, has been infecting fake Android TV and eCos set-top boxes worldwide since at least 2015.

Bigpanzi controls a botnet of approximately 170,000 daily active bots, according to Beijing-based Qianxin Xlab.

It attacks devices through firmware updates or backdoored apps, Bleeping Computer reported.

Backdoor programs are apps that allow cybercriminals or attackers to access computers remotely.

These malicious apps can be installed in both software and hardware components.

“The cybercriminals monetize these infections by turning the devices into nodes for illegal media streaming platforms,” Bleeping Computer noted.

They also use them for “traffic proxying networks and distributed denial of service (DDoS) swarms.”

These types of attacks work to disrupt normal traffic to the point they overwhelm a device, rendering them useless.

“Over the past eight years, Bigpanzi has been operating covertly, silently amassing wealth from the shadows,” reads the Xlabs report.

“With the progression of their operations, there has been a significant proliferation of samples, domain names, and IP addresses,” it continued.

“In the face of such a large and intricate network, our findings represent just the tip of the iceberg in terms of what Bigpanzi encompasses.”

A Google spokesperson told Bleeping Computer: “These devices found to be infected appear to be Android Open Source Project (AOSP) devices, which means that anyone can download and modify the code.

“Android TV is Google’s operating system for smart TVs and streaming devices.

“It is proprietary, which means that only Google and its licensed partners can modify the code.”

The tech giant added that if a device isn’t Play Protect certified, it doesn’t have a record of security and compatibility test results.

This isn’t the first time that the company has warned about Android TV sets that claim to be made by Android but do not come with the safety tools real sets do.

Last June, the company urged users to only buy Android TV boxes from Google.

“Only Play Protect-certified devices are eligible to include Google apps, like the Google Play Store app,” the tech giant said.

Play Protect Certified devices also have built-in malware protection.

This post first appeared on Thesun.co.uk