Vo1d Malware Has Already Infected 1.6 Million Android TV Devices

A report from last year revealed a massive Vo1d malware infection affecting 1.3 million Android streaming boxes. Now, a new variant has been growing rapidly and helping to push those numbers up. Researchers at Xlab discovered that the Vo1d malware is now present on nearly 1.6 million Android TV devices.

More specifically, the report indicates that there are 1,590,299 Vo1d-infected devices across 226 countries. All of these Android TV products are now part of a massive botnet of anonymous proxy servers, without the owners even being aware of it. The Xlab team has been monitoring the malware’s evolution since November 2024.

Nearly 1.6 million Android TV boxes infected by Vo1d botnet malware

The team behind Dr. Web antivirus was also tracking the malware last year. Researchers found that, as of September 2024, there were 1.3 million devices infected by Vo1d across 200 countries. The malicious actors behind the updated version have also improved its capabilities. It now boasts “advanced encryption (RSA + custom XXTEA), resilient DGA-powered infrastructure, and enhanced stealth capabilities,” Bleeping Computer reports.

The majority of devices infected by the malware are in Brazil (almost 25% of the total). The second most affected country is South Africa, which accounts for 13.6% of infected Android TV devices. Indonesia (10.5%), Argentina (5.3%), Thailand (3.4%), and China (3.1%) round out the top 5. It’s noteworthy that Vo1d primarily affects Android TV boxes not certified by Google. Products with Play Protect support are usually safe. Security systems set up by Google are able to detect the potential infection before it happens.

Infections by the malware have seen sudden spikes in short periods of time. For example, a growth from 3,900 to 217,000 affected devices was detected in just three days in India. Researchers suspect that the team behind Vo1d could also be renting devices to join the botnet.

One of the largest botnets ever

The Vo1d malware seeks to “recruit” as many TV boxes as possible into its botnet. Botnets are mainly used in DDoS attacks to take down platforms or websites for days (or weeks).

With 1.6 million devices in the botnet, the risks are pretty high. For context, last year, Cloudflare was hit by a 5.6 Tbps DDoS attack that required a botnet of only 15,000 devices. In 2016, the Mirai botnet needed only a few hundred thousand “zombie devices” to take down platforms like Twitter and Netflix for users on the whole U.S. East Coast.