New Botnet Targets Android Set-Top Boxes

The bond between humans and their favorite TV-streaming sites is strong, and long winter evenings only serve to deepen the love affair. But a newly discovered internet-of-things (IoT) botnet is trying to break up the romance by messing with Android OS-based set-top boxes (STBs).

Ares was uncovered by device cybersecurity company WootCloud, which named it for the Greek god of war – not after Athena, who represents military strategy and generalship and is the goddess of intelligence, but after Ares, who is associated with the untamed physical and violent aspects of warfare. Uh-oh. 

The Ares ADB Botnet was found after researchers identified suspicious behavior on Android STBs used for streaming media from sites likes Netflix and Hulu. After closely monitoring activity on HiSilicon, Cubetek and Qezy Media STBs, WootCloud discovered Ares targeting Android-based IoT devices to trigger infections on a large scale.

WootCloud founder and CTO Srinivas Akella told Infosecurity Magazine: "Our discovery has seen Ares using misconfigured ADB interfaces left open on custom android installations on set-top boxes to get full control of the set-top box. We have not seen smart TVs infected in our investigation, but any Android device with this interface open for access is vulnerable to this attack."

Explaining why the newly discovered botnet is such bad news, Akella said: "Ares attacks set-top boxes and compromises them so they can be used to install malware and further compromise other devices with [distributed denial-of-service]  attacks, Bitcoin mining and brute-force password-cracking attacks, amongst others.

"This discovery is significan ..

Support the originator by clicking the read the rest link below.