Friday, 17 June 2016 10:01

FLocker can infect Android OS TVs Featured

By
FLocker can infect Android OS TVs

FLocker – Frantic Locker – appeared in May 2015. Over 7000 varieties have evolved, and it has jumped to Android OS for smart TVs which is used by Sony, Sharp, Philips and more.

But most of you won’t have to worry unless you use the TV to read email, SMS, or surf the Internet – straight use as a dumb TV should be fine. There is some question about installing apps from non-authorised app stores but as far as I can ascertain major brands lock that up pretty tightly.

The interesting thing is that when it detects Android TV, it simply locks the screen – making the TV useless until a ransom is paid. It can also steal data from the device. It portends the beginning of ransomware for any IoT device.

Trend Micro said the latest batch of 1200 variants came in April and masquerades as the Cyber Police or another law enforcement agency. It accuses potential victims of crimes they didn’t commit. Then, it demands US$200 worth of iTunes gift cards.

When launched for the first time, FLocker checks if the device is located in Eastern European counties: Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia, and Belarus. If so it deactivates itself.

If FLocker reaches a compatible target, it waits for 30 minutes after infecting the unit before it runs the routine. After the short waiting period, it starts the background service which requests device admin privileges immediately. This bypasses Android’s dynamic sandbox. If the user denies this request, it will freeze the screen faking a system update.

Norton by Symantec has also warned of FLocker in the wild. Ironically it was one of the first companies last year to warn of ransomware for smart TVs. It is an interesting read as it also covers things like unsigned firmware updates and how a smart TV could be hijacked to become part of a Botnet or cryptocurrency mining operation.

While the initial version is "defeatable" via a computer with the Android developer tools using the ADB command to kill the process and revoke its administrator access, very few have that expertise. There is some talk of a hardware (not a software menu) factory reset, but depending on set that may not be possible. Smart TV manufacturers can tell you which combination of buttons to press at power on.

Dave Jevans, Vice President Mobile Security at Proofpoint, has provided some insights into this threat and user tips:

“The biggest risk will be on mobile devices where users surf the Internet or receive SMS messages that can spread malicious apps. Typically SMS messages are not enabled on TV sets running Android.  It could be possible to get infected by visiting an infected malicious website on your Android TV," he said.

Consumers can protect themselves by:

  •  not accepting apps for installation that are sent by SMS messages
  •  being very wary of accepting apps for installation from web pages and not an App store
  •  be very wary when apps request for increased access privileges
  •  be extremely wary or do not install apps on Android that have permissions such as:
    • RESTART_PACKAGES
    • SYSTEM_ALERT_WINDOW
    • KILL_BACKGROUND_PROCESSES
    • GET_TASKS

Enterprises can protect employees mobile devices by deploying an App Reputation and Security service in conjunction with their Mobile Device Management service.

Read 24219 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




IDC WHITE PAPER: The Business Value of Aiven Data Cloud Solutions

According to IDC, Aiven enables your teams to perform more efficiently, reduce direct infrastructure costs, and provide improved database performance, agility and scalability.

Find out how Aiven makes teams 48% more efficient, allowing staff to focus on high-value activities that drive real business results:

340% 3-year ROI – break even in 5 months (average)

37% lower 3-year cost of operations

78% reduction in staff time for database deployments

Download the IDC White Paper now

DOWNLOAD WHITE PAPER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Internet of Things
Tagged under
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Latest from Ray Shaw

Related items

More in this category: « IOT Groups’ OTT Premium seals APAC content streaming deal with Xstream Vigilance in the round – D-Link’s 360°, HD, indoor-outdoor security camera »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown:

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments