Amazon Fire TV and their smaller counterpart the Fire TV Stick are well known and for a lot of people also beloved tools to use at home in order to watch a nice movie in the evening. While most people only utilize it to stream the occasional Amazon flick, others are craftier. They install whole home entertainment centers like Kodi and connect them with their media server to get the most out of their device.
But beware: It has been discovered that those altered sticks are vulnerable to a mean Android cryptocurrency mining worm.
What’s this cryptocurrency mining worm about?
The malware – a variant of the ADB.Miner worm which was discovered earlier this year in March – installs itself as an app called “Test” and starts mining away for Monero immediately. People on the XDA Developers forum began noticing it because of a white notification window that kept popping up.
Other signs that cryptocurrency is being mined on a device is that it becomes slow as well as unreactive and movies stutter or stop while being played back.
How does the infection spread?
In order to get all the “cool apps” like Kodi on an Amazon device one normally has to allow ADB debugging and/or apps from unknown sources – both practices that make the device more vulnerable. This is also what enables ADB.Miner to spread: The botnet scans for the port that opens up when enabling the above options and well, makes itself at home once it finds a suitable Amazon TV device.
What can I do to not get infected?
In essence, it is really easy: Don’t install apps on your device that are not downloaded from the official Amazon App Store.
If you already have done so you can take a couple of easy steps in order to not get infected.
- When on your home screen navigate to “Settings”.
- Scroll to your right until you see “System”.
- With the system dialog open look for “Developer Options”.
- Turn off ADB debugging and “Alls from Unknown Sources”.
That’s it! This should make sure that the app cannot install itself on your device anymore.