Samsung, the Korean electronics giant, is recommending that people scan their smart TVs for malware – just like they do with an antivirus app on their computer.
In a tweet sent out June 17, Samsung Support USA linked the importance of regular antivirus scans for maintaining a computers’ health to those for a smart TVs. “This is also true for your QLED TV if it’s connected to WiFI,” they wrote. “Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks.” In the video embedded in the tweet, they show users just how to scan their device.
The tweet raises two questions – and answers neither of them. First – are there really malicious software attacks on smart TVs right now? And second, more of an operational question, why don’t they automate this like the scans with Avira antivirus so users don’t really have to do anything?
“At the moment, there is no active malware for Smart TVs in the wild.” says Alexander Vukcevic, Head of Protection Labs at Avira. “But these devices have the potential to secretly track what you watch and even to record your voice if they have a built-in microphone.”
Your smart TV is a magnet for trackers
Smart TVs are a magnet for intrusive software that can track exactly what you watch and when. Some of these trackers are directly from the TV manufacturers while others might be from third-parties. While they are not malicious in the traditional sense, they do intrude on your privacy. As Alexander points out, this information can potentially be monetized by selecting and displaying targeted ads on your TV.
Bet you didn’t even know they were watching
The Samsung TV antivirus may just be an attempt to keep other foxes out of the henhouse. Samsung has already been caught sucking up considerable amounts of consumer data – in addition to Vizo and LG. Not only are most users unaware of this tracking, they might not be able to even turn it off (as was the case with LG). According to Wikileaks, the CIA developed eavesdropping software for some Samsung TVs in 2017.
We tracked the trackers
At Avira, we tracked what a smart TV could do in a single hour. Researcher found that the TV did the following:
- Opened three vulnerable ports to the internet.
- Scanned the home network for other connected devices.
- Collected 750 text pages of information about the person using the device and how the person used it.
- Sent this information to 13 servers.
- Relayed information to services that hadn’t been enabled and user accounts registered for.
- Did this when nobody in the household was actively using the device.
You may think you are watching TV. Fact is, your TV is really watching you. Even without malicious software.