Is your device a target for an Android TV box virus?

I’m going to come right out and say it: If you’re streaming movies using one of those “legally grey-area” add-ons or apps, then you need some sort of Android TV box virus protection.

Even if you’re not, I still highly recommend running an anti-virus app on your TV box.

Viruses have changed a lot over the past few years. When I was researching this article, I found a lot of information that had changed since the last time I thought about my antivirus software.

If you’re still thinking about them the old way, like I was, then you’re in for a rude awakening.

By the end of this article, my goal is for you to have a little better understanding of Android ransomware and how to protect yourself from an Android TV box virus.

Why do I need virus protection on my streaming device?

Great question. Think about it this way:

You’ve probably heard the saying that a chain is only as strong as the weakest link, right? It’s been around for centuries, and when it began, it was referring to a literal chain.

But the same is true for your home network security.

You probably have anti-virus on your home computer or laptop. There’s important documents on there like your kid’s homework, your personal finances, or even just your photos that can’t be replaced. You take precautions to keep them safe.

Well, that laptop or desktop is sitting on the same home network as your TV box. There’s probably even a shared folder set up so you can access your movies or pictures from your computer.

Guess what? Just by sitting on the same network, your PC is now vulnerable to a virus that came in through your Android TV box. The shared folder makes it even easier to hack.

What is Android Ransomware?

Viruses used to be annoying. Occasionally they could delete your data, or make our devices slower.

Somewhere over the past few years, especially once Bitcoin and e-gift cards became popular, hackers figured out that they could do a lot more than just delete your files. They could extort money from us too.

Ransomware is the latest buzzword in the security community and its getting a lot of press lately. And for good reason. It gets it’s name because it  locks your device and forces you to pay a ransom to get it back. The most common ransom demands are for Bitcoin, or even iTunes Gift Cards.

It’s a bigger problem than most people realize. Ransomware affects tens of thousands of people from ordinary users to hospitals to schools, universities and even NASCAR teams.

How does it work?

Imagine that you sit down to watch a movie. You turn on the TV and instead of seeing the familiar Kodi launch screen, you see this:

'FBI Virus' 'Ransomware is one of the most common Android TV box virus messages

Holy %*&!&%! What just happened?

The good news is that this “FBI Virus” message is fake. The US Department of Justice and FBI aren’t coming after you for “pornography and spam-messages with terrorist motives.” Even if they were, you probably wouldn’t get away with a $200 fine for it. Just saying…

The bad news is that your device is your device has been hit by malicious code and you’re going to have to pay up to (maybe) get it back.

As a quick side note, Articles 202 and 210 of the US criminal code are in the larger section that deals with Bribery and Graft (corruption). Somebody has a sense of humour.

The most common type of Android ransomware hits devices that run Android 4.4.4 or lower – which, by the way is a staggering number of TV boxes. That’s yet another reason to make sure your next TV box is running at least Android 5.

5 signs you may have a virus

Virus developers are getting sneakier. It used to be that a virus would give you the old “blue screen of death.” That was an easy way to figure out that there’s something wrong.

These days, its not that simple.

Here are a couple of possible signs that your device may be infected with a virus. Remember that there’s an almost infinite number of viruses, so it’s best to get some sort of virus scanner to be sure.

• Updates repeatedly fail

If you repeatedly get error messages when trying to update your system or an individual app, your device could be infected with a virus. One of the main reasons that developers update their apps is to fix any bugs and security holes. Viruses will usually try to block system updates so that whatever vulnerability they are exploiting doesn’t get fixed.

• You are redirected to another webpage

Hackers tend to stick together. One common tactic is to redirect you to a different webpage than you were planning on going to. For example, if you type in Google.com, you may end up visiting SomePornSite.com instead. That is never a good thing, especially if you’ve got kids in the house.

This also covers if you suddenly find that your homepage is hijacked to a different site as well.

• Ads you didn’t click on…

If a virus doesn’t try to extort money from you directly, it may try to do it indirectly. Earning money from ads is a low risk way for hackers to earn a lot of money.

How much money?

Only about $6.3 Billion in 2015.

Before you start thinking that someone else will be paying for that, just keep in mind that all of that advertising money usually means that the cost of the everyday items that we use will be going up. Companies like passing that on to the consumer – you and me.

• Access to your entire network

Remember that “weakest link” argument from earlier? If one device on your network is compromised – any device – then it puts the entire network at risk. Which can lead to….

• Theft of your data

This is the one that I worry about most.

Personally, I hate paper. I keep everything on my computers and network storage. Sure I have backups, both locally and in the cloud. I’m pretty confident that I wouldn’t lose anything permanently, but I’d still rather not take that chance.

• Personal information and\or recordings

You might remember hearing about this a few years ago. Hackers found a way to take over the webcams in your computers, tablets and other devices to secretly record you. Not too many TV boxes have webcams built in, but one of the main uses for TV boxes is to make Skype calls on the big screen.

According to that article, security experts stressed that “anti-virus software plays a vital role in preventing it.”

Can Smart TVs get viruses?

This site isn’t about smart TV’s, so I don’t want to go too deep into this. Still, Smart TV’s, Android TV and Android TV boxes are all very similar, so it deserves at least a mention here.

So what about Smart TV’s? Can they get viruses too?

Actually, it appears to be just as easy to get a virus on smart TV as it is on any other device – if not easier.

Most smart TV’s come with a web browser installed already so you can “surf the internet from your couch.” As I mentioned earlier, most viruses come from us going someplace we shouldn’t be going and clicking on malicious links.

Because an Android box can run Android apps, you can install some kind of antivirus app on it. Smart TV’s don’t normally have that option, so you are wide open to any threats you come across.

Quick steps to protect yourself from an Android TV box virus

There are a couple of simple things that you can do to protect yourself and your device.

1. Make sure the app permissions make sense

Every app you install will ask for additional permissions so it can do what the developers intended it to do. Supposedly, this also lets you look at what you’re allowing the app to do.

In practice, most of us pay about as much attention to app permissions as we do to the terms and conditions disclaimer when we install software on our PC.

If you want to protect yourself, invest the extra ten seconds it takes to read through the list of app permissions.

Does the app really need to be able to send and receive SMS (text) messages without you knowing? What about accessing or changing your Photos/Media/Files, or your Wi-Fi Connection Information?

If that sounds a bit scary…good.

2. Don’t Root your device if you don’t need to

I’m going to take some heat for this one, but I’ll say it anyway: Most people have absolutely no business rooting their smartphones, tablets or TV boxes.

Rooting your Android device, or Jailbreaking your Apple device, completely opens up the device – essentially making it a blank slate. You can enable anything, install anything, tweak absolutely everything about the device.

You’ve also bypassed most of the innate security features of the device.

Here’s what I mean.

Think of your Android device as playground with a bunch of sandboxes neatly laid out in a row. You are an app – whatever app you’d like to be. Go crazy here, it’s an illustration.

There are lots of other kids (apps), each with their own sandbox. One kid, we’ll call him Billy, might make a complete mess of his sandbox. But what Billy does in his sandbox has nothing to do with you. You’re still happily playing in your sandbox, even though Billy is throwing his sand all over the place like a crazy person.

That’s the way apps are designed to work. All of the important work is done outside the sandboxes so that no app can affect any other app, or really affect overall system security.

What happens when you root the device? You take out the sandboxes. Not the sand…just the box itself. The sand is sitting there in a pile on the ground.

Now, when Billy is making a mess, some of his sand gets in your play area and starts messing up what you’re doing.

That, in a nutshell, is what happens when you root your device. All of your apps can interact with each other, many times without your permission. Best case scenario, it can cause errors in the apps because one app changed something that another app relied on to work. Worst case, you’ll have a malicious app with free reign on your device.

Unless you really know what you’re doing, and have a darn good reason, you should avoid rooting your device.

But it’s even more dangerous if you enable “Unknown Sources.”

3. Turn off  “Unknown Sources”

By default, Android will only let you install apps from the Google Play Store. Google does a pretty good job of checking any apps for malicious code or hidden viruses which is why this setting is off by default.

There are alternate Android app stores, other than the Google Play Store. One of the most popular is the Amazon App Store. The catch is that to install them, you need to enable the setting “Unknown Sources – Allow installation of apps from sources other than the Play Store.” This is often called “sideloading Android apps.”

What they don’t tell you is that leaving it enabled leaves a giant security hole that’s just waiting for malicious code.

What’s the real risk? Well, the “FBI virus” that you saw above can only be installed on your system by…you guessed it….enabling app installation from unknown sources.

This is by far the simplest protection you can have for your Android TV box.

It won’t stop everything though. Every once in a while one of the Internet security companies finds a few fake apps that Google missed. That’s why it’s still important to…

4. Run an Android virus protection app

A good virus protection will make up for some lax security in other areas. At least partially.

But the thing is that this is the most critical, yet often the most overlooked security step you can take.

What gets me is that consumers spent about $81.5 Billion dollars on mobile accessories in 2015, but a recent study found that the entire mobile security market accounted for a paltry $3.4 Billion. Let me get this straight, we spend 23 times more on cases and screen protectors than on securing our devices.

Think about it this way: This is like buying a brand new sports car, tricking it out with a cool paint job, new rims and a killer stereo and then never changing the oil in the car. You’re going to have a great ride for about six months before stuff starts going wrong. Eventually it’s going to blow up in your face.

Even a free antivirus app is better than nothing, but I highly recommend spending the $20-$40 or so and getting a complete, always-on Android virus protection app.

Best Android virus protection

I’m a PC-builder from way back, as many of you might have read elsewhere in this site. I’ve always used two security programs to protect my systems, and I still practice that with my smartphones, tablets and TV boxes. So I’ve got two products to recommend.

I’ll explain why.

When you go to the doctor’s office and the doctor tells you something is wrong, many people like to get a second opinion. Sure, they could be right, but they might not be. Whatever remedy they prescribe is likely to be expensive or painful, so personally, I’d rather be sure.

Total virus protection

BitDefender

For all around virus protection and Internet security, I recommend BitDefender.

Remember in the beginning how I said that I found a lot of information researching this article that I didn’t know? Well, this is the biggest “a-ha” moment I had.

You see, I was using Webroot for a few years. I’ve bounced back and forth between McAfee, Norton, AVG before settling on Webroot a few years ago. I was never happy with how much of a resource hog the other anti-virus programs were on my PC and my Nexus smartphone. Webroot seemed to give me the same level of protection without all of the excess overhead.

“Seemed” being the operative word. AV-Test, the major independent IT security organization, stopped testing Webroot back in 2014 – right after I started using it, it seems. I don’t know about you, but that’s concerning to me. Looking back at the last test, the scores weren’t that impressive.

Webroot was able to find 95% of the real-world tests. Industry average, but I think I can do better.

BitDefender ups the game considerably, both in Android virus detection and Windows virus detection.

In the June 2016 test, the latest at the time of this writing, BitDefender detected 100% of the 3,459 Android malware samples in real-time. On the PC, it protected against 98% of 0-day samples, and 100% of the malware discovered in the previous 4 weeks.

Oh, and if you’re wondering, BitDefender won AV-Test.org’s 2015 Award for Best Android Security.

That’s protection that I can feel confident in. To learn more, head on over to BitDefender.com for a free 30-day trial.

Malware protection and removal

Malwarebytes

As a “second opinion”, I’ve trusted Malwarebytes for over a decade. What I like most about Malwarebytes is that it plays well with other virus protection programs.

Way (way) back when I was a computer tech, I would see people try to install Norton and McAfee on their PC’s at the same time. The programs ended up fighting with each other, reducing performance and leaving their systems vulnerable to attack.

Malwarebytes is designed to work with other programs and not get in their way, because it focuses mostly on malware – the kind of apps which steal your data, identity or location.

Their mobile version is a great free solution, although there are paid upgrades (of course) which offer more security as well as virus-protection for all  of your devices. Yes, even your PC.

I don’t recommend it as your only security app, but it’s always nice to have a second opinion, right?

To learn more about their mobile and PC security software, go to Malwarebytes.com.

The Verdict

You wouldn’t leave your front door wide open with your wallet just laying there in plain sight, right? So why would you do that with your devices?

Security is a big deal. I can’t emphasize that enough. There are simple steps that you can take to make sure that your devices – all of your devices – are protected from hackers, viruses, Android ransomware, and other malware.

Discussing Android virus protection may not be as sexy as talking about whatever Kodi add-on will stream the football game. But, like that tricked out sports car we talked about earlier, if you don’t take the time to maintain your device, you won’t be able to enjoy it for very long.

Before you go…how do you protect your TV box and smartphone? I’d love to hear your experiences. Let me know in the comments below. 

12 Comments

  1. I had a Mcafee web developer message on my browser that would not go away, which had an http:// url message that was saying the email site was not safe. I was like what in the heck is this? I know I did not click on any malicious emails or go to any crazy out of the norm sites. No matter what I did i couldn’t not get that web message off my browser. I contacted Mcafee for further instruction. The tech. access my computer and was able to put my browser back to firefox by doing an updated version however, I notice my sound went out on my pc 06/25/2017. I was like what is going on with this computer I updated the drivers etc and contacted HP and the guy said that my computer had been compromised with some type of malaware and Microsoft corp is stopping all the files. He said I would need to back up my files because my computer was about to crash. I didn’t buy the firewall from him for all I know he may not have been legit either so I said you can’t remove what is in my pc he said only if I buy the firewall to prevent this from happening again. I declined and did a system restore back a week or so and my sound came back and everything was or seem to be fine. I have decided to send my Amazon Firestick Jailbreaker back get my money back and get the regular one from Amazon. Just wondering if the Amazon Firestick (not rooted) is it safe and is it a possibility this Jailbreaker could have jammed up my computer?

    Thank you in advance for your opinion and answer

  2. I had ipvanish then expressvpn and dropped them both for bad customer support.(my tv box was infected with the”fbi”virus under express.i thought a vpn was an anti malware device,but apparently not.i now have a. $77 beelink g1ultimate that is frozen.(i know you can’use this but i feel better.)

  3. Good day. I’ve had my Android box for about 6months and my Tv shows blurry and everything is PURPLE! HELLLPPP. I constantly get pop up ads of porn sites….could that affect the function of my TV?

Leave a Reply

Your email address will not be published. Required fields are marked *