Running Kodi on Amazon Fire TV or Fire TV Stick? You're at risk from cryptocurrency mining malware

Amazon’s Fire TV products are very popular with Kodi users, because it’s easy to install the media center software on it, along with any streaming add-ons.

Users of Kodi boxes are used to hearing of potential dangers -- some threats of which need to be taken with a pinch of salt -- but there’s a new malware variant that’s infecting Amazon Fire TV and Fire TV Stick devices globally, and which could well be on your device now.

SEE ALSO:

This thread on the XDA forums shows that a large number of Amazon Fire TV users have been infected with a piece of Android malware called ADB.Miner which installs itself as an app called "Test", under the package name com.google.time.timer. Once on a Kodi box it mines the Monero cryptocurrency and spreads to other vulnerable devices on the same network.

The worm infects devices which have ADB (Android Debug Bridge) debugging (aka Developer Options) enabled, and that’s something that users do in order to install Kodi on Android-powered devices like the Fire TV stick.

The worm appears to be being spread by the ADB.Miner botnet which scans the internet for Android devices with port 5555 open. According to Shodan, the Internet of Things search engine, over 17,000 Android devices are currently at risk, but this number is increasing daily, and in the US the majority of these devices are identified as "AFTS," "AFTM" or "AFTT" -- all Fire TV products.

You can check if your device has been infected by looking to see if you have an app called "Test" installed. You’ll probably need to use Total Commander from the Amazon appstore to check for this. Another giveaway is your Fire TV device will become very slow, apps will take an age to load, and streaming will be incredibly jerky as the malware uses as much of your device's limited processing power as possible to mine for cryptocurrency.

To avoid becoming infected, open up your Fire TV device’s Settings, select the Device menu and then Developer options. Make sure ADB debugging and Apps from Unknown Sources are both disabled.

If you’re already infected, the easiest way to remove the worm is to perform a factory reset. If you have more than one such device on your network, unplug all of them and go through the reset process one at a time in order to prevent devices becoming re-infected.

In the Device menu select Reset to Factory Defaults.

Photo Credit: Elena Yakusheva / Shutterstock

Via AFTVnews

© 1998-2018 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.