Your newfangled Android / Smart TV might be the darling of your living room, but beware, it is an easy target for exploits. Trend Micro has done a rather in-depth study.
Most smart TVs today use older versions of Android, which still contain this flaw. TV brands that sell vulnerable smart TVs include Changhong, Konka, Mi, Philips, Panasonic, and Sharp. In addition, other Android devices with older versions installed are also at risk. Namely, those China-made TV boxes. Coincidentally, these malicious apps are typically the media / streaming apps, which are rather popular for the TV box applications.
The sites that distribute these malicious apps are located at the following URLs and are under the H.TV name, with most visitors located in the United States or Canada.
How does the attack happen? First, the attackers lure owners of smart TVs to the websites mentioned above and get them to install the apps infected with malware. Once these are installed, the attacker will trigger the vulnerability in the system. Well-known exploit techniques like heap sprays or return-oriented programming are used to gain elevated privileges in the system.
With elevated permissions, the attacker will then silently install others apps or malware onto the system. Our analysis revealed that they remotely update apps or remotely push related apps to the television sets.
What you can do?
Beware of installing unknown applications to your Android box. If you have root access, don’t grant super user to downloaded applications unnecessarily!