Malware hitting some of Amazon’s best-selling products

Malware hitting some of Amazon's best-selling products

Cryptojacking is one of the latest malware threats you have to watch out for. It’s a growing problem and it’s starting to become one of the biggest tech scams out there.

With the current cryptocurrencies explosion, this new kind of profit-generating practice is quickly spreading. While cryptomining is a completely legal way to earn cryptocurrencies, cryptojacking is another story. It’s a new scheme by cybercriminals to profit off your gadget without your knowledge.

And it looks like it’s not strictly infecting computers and smartphones anymore. Nasty cryptomining malware was discovered in these best-selling Amazon products as well. Read on and learn more about this latest threat, how to spot and remove it, and how to prevent your gadgets from getting reinfected.

Amazon gadget worm alert!

An Android worm has been spotted spreading to a number of popular Amazon products, mainly the Fire line of streaming devices like the Amazon Fire TV box and the Fire Stick.

The worm is not targeting Fire TV gadgets exclusively but Amazon’s Fire operating system is based on Android so these gadgets are also vulnerable to the same Android malware.

According to AFTVNews, the malware appears to be a variant of ADB.Miner, an Android worm that scans vulnerable gadgets on the web then infects them with a stealthy cryptomining virus.

However, instead of automatically infecting vulnerable devices, the Fire TV variant is installed through a side-loaded app named “Test” (package name is “com.google.time.time“).

Image Credit: AFTVNews

Once it gets a foothold on your network, ADB.Miner will search for other vulnerable gadgets in your network including Android-based smartphones, tablets, smart TVs and set-top boxes that have publicly accessible Android Debug Bridges (ADB).

Note: We’ve talked extensively about ADB.Miner’s capabilities. Click here to learn more about it.

Fond of pirated movies and TV shows? You better watch out

How can third-party apps make their way into Amazon’s supposedly closed Fire TV ecosystem anyway?

Similar to other Android gadgets, you can also turn on a Fire TV’s developer options like “ADB debugging” and “Apps from Unknown Sources.”

ADB debugging is a network tool Android ADB used for a variety of tasks including installing and debugging apps while turning on “Apps from Unknown Sources” allows you to install side-loaded apps to your Fire TV.

Why would anyone download and install this sketchy third-party app to their Fire TV gadgets? According to AFTVNews, it’s an app that promises access to pirated movies and TV shows.

Symptoms of a cryptojacking infection on your Fire TV

Why is cryptojacking dangerous for your gadget? Well, it can make your gadget work overtime, relentlessly straining your gadget’s processor and cause it to overheat. It can also use up your data bandwidth without your knowledge.

You may find your Fire TV gadget to be unusually slow, with apps taking longer to load. Videos you’re attempting to stream may stutter and buffer all the time.

In some cases, infected Fire TV gadgets will show a notification that says “Test” together with the green Android robot icon. This screen also causes videos and apps to stop, making the gadget virtually unusable.

And that’s not all. Aside from secretly installing cryptomining software, the malware also scans your network and the internet for more victims it can infect. It’s exactly how a virus is supposed to operate.

Click here for a detailed look at how cryptojacking works.

How to spot ADB.Miner on your Fire TV

Another quick way to check if your gadget is infected is to check your installed apps and see if an app called “Test” is present. Keep in mind that this malicious app is stealthy and it won’t appear in your Fire TV’s app section nor its application management systems.

To spot it, you’ll need to install an app called Total Commander from the official Amazon app store.

Once installed, open Total Commander, go to the “Installed Apps” section then check if an app called “Test” is listed.

Image Credit: AFTVNews

How to remove the malware

Factory reset – If you do suspect that your Fire TV is infected, the best way to get rid of the malware is to perform a factory reset. To avoid reinfection, make sure all your Android and Fire TV gadgets in your home network that may likewise be infected are unplugged.

To factory reset a Fire TV, navigate to its Settings section >> select Device >> then select “Reset to Factory Defaults.” After the factory reset, your Fire TV will reboot. Now make sure you that you keep the developer option “ADB debugging” off.

To prevent accidental malware installs from unauthorized sources, it is recommended that you turn off “Apps from Unknown Sources” as well.

Uninstall the malicious app – Although you can uninstall the malicious “Test” app with Total Commander, it’s not recommended since it is still unclear what other modifications ADB.Miner does to your Fire TV gadgets. If you are pretty sure that your gadget is infected, please perform a factory reset instead.

Click here for tips on how to detect Android malware.

How to protect your Android gadget from ADB.Miner

As I mentioned earlier, to protect all your Android-based smartphone, tablet, smart TV and set-top box (not just Fire TVs) from ADB.Miner, make sure your gadget’s ADB interface is set to “Off.”

And as usual, beware of installing applications straight off the web and not from the official Amazon App Store and Google Play Store. Also, look out for surprise app permission requests that might pop out and never grant them!

And lastly, with the assortment of legitimate sites that offer free movies, accessing these illegal piracy sites and apps is not worth it. To keep your gadgets safe, just avoid piracy sites and apps in general.

We may receive a commission when you buy through our links, but our reporting and recommendations are always independent and objective.

Tags: Amazon, Android, cybercriminals, Google, malware, operating systems