Smart TVs running the Android operating system provide users with functionality beyond that of normal TVs, but they also create a security risk, Trend Micro reveals.
The Internet of Things (IoT) market is fast growing and Smart TVs represent a central piece in this growth, as they are more than passive display devices, especially because they can run Android applications. A blog post authored by Trend Micro’s Ju Zhu explains that some of the most popular apps on Smart TVs allow users to watch channels from other parts of the world, but also break security.
According to the security researcher, some of these applications contain a backdoor that abuses a flaw in older versions of Android. The vulnerability (CVE-2014-7911) is found in Android releases before Lollipop 5.0 (ranging from Cupcake 1.5 to KitKat 4.4.2) and allows an attacker to execute arbitrary code on compromised devices.
The issue is that many of today’s Smart TVs run under older versions of Android, meaning that they are affected by the security flaw. Trend Micro has discovered vulnerable TVs from brands such as Changhong, Konka, Mi, Philips, Panasonic, and Sharp, but says that other Android devices that run under older versions of Android are also at risk, even if these apps are used mainly on Smart TVs or Smart TV boxes.
The offending applications are distributed through sites under the H.TV name, with most visitors located in the United States or Canada, the security firm says. Moreover, they discovered that the malware also uses a couple of download servers, namely meiz.le2ui(.)com and yaz.e3wsv(.)com.
To successfully distribute the malware, attackers lure users to websites that distribute it and get them to install the applications that are infected with the backdoor. As soon as the malicious applications have been installed, the attacker triggers the vulnerability in the system and use well-known exploit techniques like heap sprays or return-oriented programming to gain elevated privileges in the system.
Once they have achieved elevated privileges, the attacker silently installs other applications or malware onto the infected system. Furthermore, they are capable of remotely update apps or remotely push related apps to the television set, the security firm explains.
Trend Micro also notes that the remotely installed apps are downloaded via HTTP and not HTTPS, which means that a second attacker capable of man-in-the-middle attacks can actually change the downloaded apps. Thus, a second attacker can actually override the payload of the first attacker and expose users to additional risks.
To stay connected, users are advised to install a security solution that can detect the threat, as well as to update their devices to newer Android versions that are not affected by the issue. However, this could prove an issue on Smart TVs, as updates are not that easily applicable, mainly because of hardware limitations, meaning that users should rely on security solution to stay safe, while also avoiding the installation of apps from third-party sites.
Earlier this month, the Samsung launched a three-layer security solution that will be loaded on all of its 2016 Tizen-based Smart TVs. According to Samsung, the security service is meant to provide consumers with the necessary protection across all areas of the Smart TV ecosystem, which includes services, software and hardware security.