Trojans can abound on cheap Android set-top boxes

The latest generation of set-top boxes available on the market (in online stores or even in electronics stores) that can be connected to TVs or monitors have already been fully optimized for IP-based operation – most of them are devices running Android or Android TV operating systems with a target processor optimized for video playback, which are priced favorably and due to the wide range of applications, they are increasingly popular among customers.

However, the devices used in a home or even a company environment can now be one of the weakest links in the local network from an IT security point of view, even if they are rented from a service provider by a subscriber, and especially if they are marketed under the auspices of some exotic Chinese brand .

While the basic problem with Android set-top boxes provided by service providers is to be found in the rather infrequent security updates, independent Chinese brands are typically much more free to use the opportunity to place some uniquely developed code in the basic software (firmware) of the device.


Cybersecurity researchers recently it was pointed out, that the software of certain, popular types of certain brands may already contain malicious code in their factory state, which are so-called by connecting to command and control servers, they can download and run additional pieces of code that can be used for different purposes, all without the user’s knowledge and consent.

A TechChrunch according to his report, smart TVs infected in this way automatically become part of a botnet network consisting of thousands, even hundreds of thousands of devices, which in the best case are only so-called they consist of clickbots that constantly “consume” ads in the background, however, due to the Trojan’s structure, hackers can essentially run any malicious code on the devices. These can then open the door to illegal data access or even use the system for DDoS attacks.

According to experts, such and similar malicious codes cannot be removed from the devices, however, sellers could select their sources of purchase or even conduct some kind of investigation themselves, which could detect infected set-top boxes. However, this is a practically impossible task for large e-retailers that operate marketplaces, such as Amazon, and these devices are sold without full control from Asian webshops that often offer the most favorable price levels.

TechChrunch’s article specifically names two affected chip manufacturers, some types of set-top boxes containing AllWinner and RockChip chips can also be purchased in Hungary.

Source: HWSW Informatikai Hírmagazin by

*The article has been translated based on the content of HWSW Informatikai Hírmagazin by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!