I’m going to come right out and say it: If you’re streaming movies using one of those “legally grey-area” add-ons or apps, then you need some sort of Android TV box virus protection.
Even if you’re not, I still highly recommend running an anti-virus app on your TV box.
Viruses have changed a lot over the past few years. When I was researching this article, I found a lot of information that had changed since the last time I thought about my antivirus software.
If you’re still thinking about them the old way, like I was, then you’re in for a rude awakening.
By the end of this article, my goal is for you to have a little better understanding of Android ransomware and how to protect yourself from an Android TV box virus.
Why do I need virus protection on my streaming device?
Great question. Think about it this way:
You’ve probably heard the saying that a chain is only as strong as the weakest link, right? It’s been around for centuries, and when it began, it was referring to a literal chain.
But the same is true for your home network security.
You probably have an anti-virus on your home computer or laptop. There are important documents on there like your kid’s homework, your personal finances, or even just your photos that can’t be replaced. You take precautions to keep them safe.
Well, that laptop or desktop is sitting on the same home network as your TV box. There’s probably even a shared folder set up so you can access your movies or pictures from your computer.
Guess what? Just by sitting on the same network, your PC is now vulnerable to a virus that came in through your Android TV box. The shared folder makes it even easier to hack.
What is Android Ransomware?
Viruses used to be annoying. Occasionally they could delete your data, or make our devices slower.
Somewhere over the past few years, especially once Bitcoin and e-gift cards became popular, hackers figured out that they could do a lot more than just delete your files. They could extort money from us too.
Ransomware is the latest buzzword in the security community and it’s getting a lot of press lately. And for good reason. It gets its name because it locks your device and forces you to pay a ransom to get it back. The most common ransom demands are for Bitcoin or even iTunes Gift Cards.
It’s a bigger problem than most people realize. Ransomware affects tens of thousands of people from ordinary users to hospitals to schools, universities, and even NASCAR teams.
How does it work?
Imagine that you sit down to watch a movie. You turn on the TV and instead of seeing the familiar Kodi launch screen, you see this:
Holy %*&!&%! What just happened?
The good news is that this “FBI Virus” message is fake. The US Department of Justice and FBI aren’t coming after you for “pornography and spam messages with terrorist motives.” Even if they were, you probably wouldn’t get away with a $200 fine for it. Just saying…
The bad news is that your device is your device has been hit by malicious code and you’re going to have to pay up to (maybe) get it back.
As a quick side note, Articles 202 and 210 of the US criminal code are in the larger section that deals with Bribery and Graft (corruption). Somebody has a sense of humor.
The most common type of Android ransomware hits devices that run Android 4.4.4 or lower – which, by the way, is a staggering number of TV boxes. That’s yet another reason to make sure your next TV box is running at least Android 5.
5 signs you may have a virus
Virus developers are getting sneakier. It used to be that a virus would give you the old “blue screen of death.” That was an easy way to figure out that there was something wrong.
These days, it’s not that simple.
Here are a couple of possible signs that your device may be infected with a virus. Remember that there’s an almost infinite number of viruses, so it’s best to get some sort of virus scanner to be sure.
• Updates repeatedly fail
If you repeatedly get error messages when trying to update your system or an individual app, your device could be infected with a virus. One of the main reasons that developers update their apps is to fix any bugs and security holes. Viruses will usually try to block system updates so that whatever vulnerability they are exploiting doesn’t get fixed.
• You are redirected to another webpage
Hackers tend to stick together. One common tactic is to redirect you to a different webpage than you were planning on going to. For example, if you type in Google.com, you may end up visiting SomePornSite.com instead. That is never a good thing, especially if you’ve got kids in the house.
This also covers if you suddenly find that your homepage is hijacked to a different site as well.
• Ads you didn’t click on…
If a virus doesn’t try to extort money from you directly, it may try to do it indirectly. Earning money from ads is a low-risk way for hackers to earn a lot of money.
How much money?
Only about $6.3 Billion in 2015.
Before you start thinking that someone else will be paying for that, just keep in mind that all of that advertising money usually means that the cost of the everyday items that we use will be going up. Companies like passing that on to the consumer – you and me.
• Access to your entire network
Remember that “weakest link” argument from earlier? If one device on your network is compromised – any device – then it puts the entire network at risk. Which can lead to…
• Theft of your data
This is the one that I worry about most.
Personally, I hate paper. I keep everything on my computers and network storage. Sure I have backups, both locally and in the cloud. I’m pretty confident that I wouldn’t lose anything permanently, but I’d still rather not take that chance.
• Personal information and\or recordings
You might remember hearing about this a few years ago. Hackers found a way to take over the webcams in your computers, tablets, and other devices to secretly record you. Not too many TV boxes have webcams built in, but one of the main uses for TV boxes is to make Skype calls on the big screen.
According to that article, security experts stressed that “anti-virus software plays a vital role in preventing it.”
Can Smart TVs get viruses?
This site isn’t about smart TV’s, so I don’t want to go too deep into this. Still, Smart TVs, Android TV, and Android TV boxes are all very similar, so it deserves at least a mention here.
So what about Smart TV? Can they get viruses too?
Actually, it appears to be just as easy to get a virus on smart TV as it is on any other device – if not easier.
Most smart TV’s come with a web browser installed already so you can “surf the internet from your couch.” As I mentioned earlier, most viruses come from us going someplace we shouldn’t be going and clicking on malicious links.
Because an Android box can run Android apps, you can install some kind of antivirus app on it. Smart TVs don’t normally have that option, so you are wide open to any threats you come across.
Quick steps to protect yourself from an Android TV box virus
There are a couple of simple things that you can do to protect yourself and your device.
1. Make sure the app permissions make sense
Every app you install will ask for additional permissions so it can do what the developers intended it to do. Supposedly, this also lets you look at what you’re allowing the app to do.
In practice, most of us pay about as much attention to app permissions as we do to the terms and conditions disclaimer when we install software on our PC.
If you want to protect yourself, invest the extra ten seconds it takes to read through the list of app permissions.
Does the app really need to be able to send and receive SMS (text) messages without you knowing? What about accessing or changing your Photos/Media/Files, or your Wi-Fi Connection Information?
If that sounds a bit scary…good.
2. Don’t Root your device if you don’t need to
I’m going to take some heat for this one, but I’ll say it anyway: Most people have absolutely no business rooting their smartphones, tablets, or TV boxes.
Rooting your Android device, or Jailbreaking your Apple device, completely opens up the device – essentially making it a blank slate. You can enable anything, install anything, and tweak absolutely everything about the device.
You’ve also bypassed most of the innate security features of the device.
Here’s what I mean.
Think of your Android device as a playground with a bunch of sandboxes neatly laid out in a row. You are an app – whatever app you’d like to be. Go crazy here, it’s an illustration.
There are lots of other kids (apps), each with its own sandbox. One kid, we’ll call him Billy, might make a complete mess of his sandbox. But what Billy does in his sandbox has nothing to do with you. You’re still happily playing in your sandbox, even though Billy is throwing his sand all over the place like a crazy person.
That’s the way apps are designed to work. All of the important work is done outside the sandboxes so that no app can affect any other app, or really affect overall system security.
What happens when you root the device? You take out the sandboxes. Not the sand…just the box itself. The sand is sitting there in a pile on the ground.
Now, when Billy is making a mess, some of his sand gets in your play area and starts messing up what you’re doing.
That, in a nutshell, is what happens when you root your device. All of your apps can interact with each other, many times without your permission. In the best case scenario, it can cause errors in the apps because one app changed something that another app relied on to work. Worst case, you’ll have a malicious app with free reign on your device.
Unless you really know what you’re doing, and have a darn good reason, you should avoid rooting your device.
But it’s even more dangerous if you enable “Unknown Sources.”
3. Turn off “Unknown Sources”
By default, Android will only let you install apps from the Google Play Store. Google does a pretty good job of checking any apps for malicious code or hidden viruses which is why this setting is off by default.
There are alternate Android app stores, other than the Google Play Store. One of the most popular is the Amazon App Store. The catch is that to install them, you need to enable the setting “Unknown Sources – Allow installation of apps from sources other than the Play Store.” This is often called “sideloading Android apps.”
What they don’t tell you is that leaving it enabled leaves a giant security hole that’s just waiting for malicious code.
What’s the real risk? Well, the “FBI virus” that you saw above can only be installed on your system by…you guessed it….enabling app installation from unknown sources.
This is by far the simplest protection you can have for your Android TV box.
It won’t stop everything though. Every once in a while one of the Internet security companies finds a few fake apps that Google missed. That’s why it’s still important to…
4. Run an Android virus protection app
Good virus protection will make up for some lax security in other areas. At least partially.
But the thing is that this is the most critical, yet often the most overlooked security step you can take.
What gets me is that consumers spent about $81.5 Billion dollars on mobile accessories in 2015, but a recent study found that the entire mobile security market accounted for a paltry $3.4 Billion. Let me get this straight, we spend 23 times more on cases and screen protectors than on securing our devices.
Think about it this way: This is like buying a brand new sports car, tricking it out with a cool paint job, new rims, and a killer stereo, and then never changing the oil in the car. You’re going to have a great ride for about six months before stuff starts going wrong. Eventually, it’s going to blow up in your face.
Even a free antivirus app is better than nothing, but I highly recommend spending $20-$40 or so and getting a complete, always-on Android virus protection app.
Best Android virus protection
I’m a PC-builder from way back, as many of you might have read elsewhere on this site. I’ve always used two security programs to protect my systems, and I still practice that with my smartphones, tablets, and TV boxes. So I’ve got two products to recommend.
I’ll explain why.
When you go to the doctor’s office and the doctor tells you something is wrong, many people like to get a second opinion. Sure, they could be right, but they might not be. Whatever remedy they prescribe is likely to be expensive or painful, so personally, I’d rather be sure.
1 BitDefender: Total virus protection
For all-around virus protection and Internet security, I recommend BitDefender.
Remember in the beginning how I said that I found a lot of information researching this article that I didn’t know? Well, this is the biggest “a-ha” moment I had.
You see, I was using Webroot for a few years. I bounced back and forth between McAfee, Norton, and AVG before settling on Webroot a few years ago. I was never happy with how much of a resource hog the other anti-virus programs were on my PC and my Nexus smartphone. Webroot seemed to give me the same level of protection without all of the excess overhead.
“Seemed” is the operative word. AV-Test, the major independent IT security organization, stopped testing Webroot back in 2014 – right after I started using it, it seems. I don’t know about you, but that’s concerning to me. Looking back at the last test, the scores weren’t that impressive.
Webroot was able to find 95% of the real-world tests. The industry average, but I think I can do better.
BitDefender ups the game considerably, both in Android virus detection and Windows virus detection.
In the June 2016 test, the latest at the time of this writing, BitDefender detected 100% of the 3,459 Android malware samples in real-time. On the PC, it protected against 98% of 0-day samples and 100% of the malware discovered in the previous 4 weeks.
Oh, and if you’re wondering, BitDefender won AV-Test.org’s 2015 Award for Best Android Security.
That’s protection that I can feel confident in. To learn more, head on over to BitDefender.com for a free 30-day trial.
2 Malwarebytes: Malware protection and removal
As a “second opinion”, I’ve trusted Malwarebytes for over a decade. What I like most about Malwarebytes is that it plays well with other virus protection programs.
Way (way) back when I was a computer tech, I would see people try to install Norton and McAfee on their PCs at the same time. The programs ended up fighting with each other, reducing performance and leaving their systems vulnerable to attack.
Malwarebytes is designed to work with other programs and not get in their way, because it focuses mostly on malware – the kind of apps that steal your data, identity, or location.
Their mobile version is a great free solution, although there are paid upgrades (of course) which offer more security as well as virus-protection for all of your devices. Yes, even your PC.
I don’t recommend it as your only security app, but it’s always nice to have a second opinion, right?
To learn more about their mobile and PC security software, go to Malwarebytes.com.
The Verdict
You wouldn’t leave your front door wide open with your wallet just laying there in plain sight, right? So why would you do that with your devices?
Security is a big deal. I can’t emphasize that enough. There are simple steps that you can take to make sure that your devices – all of your devices – are protected from hackers, viruses, Android ransomware, and other malware.
Discussing Android virus protection may not be as sexy as talking about whatever Kodi add-on will stream the football game. But, like that tricked out sports car we talked about earlier, if you don’t take the time to maintain your device, you won’t be able to enjoy it for very long.
Before you go…how do you protect your TV box and smartphone? I’d love to hear your experiences. Let me know in the comments below.
Hey this is jody Childs I have a android box I have a FBI virus on it how do I get rid of it
Hi Jody. Does it lock the device as soon as you turn it on, or can you get to anything before the message comes up? If it pops up as soon as you turn on the TV box, then you’ll probably have to wipe the device, do a factory reset and start from scratch.
Great article Tim. I’m new to android tv box but reasonably savy on computer tech stuff. I recently bought an android tv box from an outlet that provides “their own version of Kodi” and maintains same via email update instructions. Me now thinks there is a huge litigation liability exposure on supplier for this if user screws up with his own “add-ons”. Supplier didn’t request any disclaimer on this probability or how the “box” would be integrated into a home network. Interested to hear your views…..Mo
Hi Maurice. Great question. I don’t think that there’s any liability on the box seller or manufacturer unless they bundle some malware into the device. Computers have always followed the rule: Let the downloader beware. 🙂
Is there a vpn service that could help with a tv android box. I haven’t found one yet. I am new to this.
Hi Mark. I’m currently exploring different VPN options. I’ve got a couple articles in the series already and you can find them here.
Is possible to catch something that would not allow you turn your TV on at all
I’m an oldie reading these comments. I was recently given a Kodi box as a gift. Although I have Super AntiSpyware (Paid for legally) version, running on my PC., I am assuming that this will not protect my Kodi Box. I also run spyware and malware protection on my tablet and phone (also legal). What else do I need to do to protect myself. Please explain to me as though I am totally uneducated about this i.e. step by step. Thank you in advance.