Doctor Web researchers discovered the Vo1d malware affecting nearly 1.3 million Android-based TV Boxes worldwide, indicating a significant security breach. Dubbed Vo1d, this malware, functioning as a backdoor, allows remote attackers to stealthily download and install third-party applications on infected devices. Victims report alterations in system files, resulting in potential unauthorized access and malicious operations performed by attackers. The widespread impact reaches users in 197 countries, with a concentration in places like Brazil, Morocco, and Pakistan, among others. The exploitation of outdated Android versions, coupled with the manufacturers' deceptive practices of misrepresenting older operating systems as more recent, exacerbates the situation. Users' misconceptions about the security of TV boxes also contribute to the absence of antivirus protection. Although the precise method of infection remains undetermined, speculation points towards the exploitation of system vulnerabilities or the use of unofficial firmware containing root access
Source: https://securityaffairs.com/168342/malware/vo1d-android-malware-tv-boxes.html
TPRM report: https://scoringcyber.rankiteo.com/company/medicalwebexpert
"id": "med000091424",
"linkid": "medicalwebexpert",
"type": "Breach",
"date": "9/2024",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': '1.3 million',
'industry': 'Electronics',
'location': ['Brazil',
'Morocco',
'Pakistan',
'197 countries'],
'type': 'Manufacturers of Android-based TV Boxes'}],
'attack_vector': ['Exploitation of system vulnerabilities',
'Unofficial firmware containing root access'],
'description': 'Doctor Web researchers discovered the Vo1d malware affecting '
'nearly 1.3 million Android-based TV Boxes worldwide, '
'indicating a significant security breach. Dubbed Vo1d, this '
'malware, functioning as a backdoor, allows remote attackers '
'to stealthily download and install third-party applications '
'on infected devices. Victims report alterations in system '
'files, resulting in potential unauthorized access and '
'malicious operations performed by attackers. The widespread '
'impact reaches users in 197 countries, with a concentration '
'in places like Brazil, Morocco, and Pakistan, among others. '
'The exploitation of outdated Android versions, coupled with '
"the manufacturers' deceptive practices of misrepresenting "
'older operating systems as more recent, exacerbates the '
"situation. Users' misconceptions about the security of TV "
'boxes also contribute to the absence of antivirus protection. '
'Although the precise method of infection remains '
'undetermined, speculation points towards the exploitation of '
'system vulnerabilities or the use of unofficial firmware '
'containing root access.',
'impact': {'systems_affected': '1.3 million Android-based TV Boxes'},
'initial_access_broker': {'backdoors_established': 'Vo1d malware'},
'motivation': ['Unauthorized access', 'Malicious operations'],
'title': 'Vo1d Malware Affecting Android-based TV Boxes',
'type': 'Malware',
'vulnerability_exploited': 'Outdated Android versions'}