Tuesday, May 28, 2024

Android Cryptocurrency Mining Malware Infecting Amazon Fire TV & Other Amazon Devices

Android-based cryptocurrency mining malware now started infecting Amazon Fire TV & Fire TV Stick Devices.

It doesn’t specifically target the Amazon devices but Amazon Fire TV devices are running with an Android operating system so the cryptocurrency malware infection spreading across the Amazon devices.

Multiple Fire TV device owners are facing this infection while they are streaming media players and many compliant are registered in XDA forums.

This Mining Malware named as  ADB.Miner that was discovered earlier this year and it rapidly spreading through Android-based devices.

In this case, A particular version of this Mining malware started appearing on Amazon devices and installs itself as an app called “Test” with the package name “com.google.time.timer”. 

Once the malware penetrated to the device, it consumes the infected device resources and utilizes the cryptocurrency mining process, also it tries to spread itself to other Android devices on the same network.

Amazon Fire TV Infection Process

Malware infection process starts by installing the app on Amazon Fire TV and it is still unknown that which app is installing the malicious mining file to infecting the device.

Researchers believe that malware spreading while users trying to download the Apps that used to watch pirate movies or TV shows.

According to aftvnews Once an initial device is infected, the malware can spread itself to other devices over ADB, even if those other devices never had apps sideloaded.

Initial infection is slowly started in the infected device and it slows down the system process and  Loading apps will take longer than usual.

Later Malware utilizes the device and consuming 100% of the device resources to mining the cryptocurrency.

Also, A screen that says “Test” with a green Android robot icon will also occasionally appear randomly on infected devices.

It leads to stop the video playback and apps that makes very difficult to use it normally by infected user.

Prevention Methods

To make it impossible for your Fire TV device to become infected by this malware, go to your Fire TV device’s Settings and select the “Device” menu item.

Then select “Developer options” and ensure that “ADB debugging” and “Apps from Unknown Sources” are both set to “OFF”. These settings are off by default, so if you’ve never changed them, then you have always been safe from this malware.


Latest articles

DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting...

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...

Hackers Exploit WordPress Plugin to Steal Credit Card Data

Hackers have exploited an obscure WordPress plugin to inject malware into websites, specifically targeting...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles