Android Ransomware Hits Smart TVs

Reader Trailrunner7 writes: Security researchers have discovered a variant of the FLocker Android ransomware that not only infects mobile devices, but also can infect smart TVs running certain versions of the operating system. FLocker ransomware has been active for more than a year now, and it is many ways a typical piece of mobile ransomware. It is designed to scare victims into paying a ransom -- $200 in this case -- by locking the infected device and throwing up a screen that accuses the victim of some fictitious crime. The ransomware doesn't appear to encrypt files on an infected device, but it locks the screen so the user can't open any other apps or take any other actions until paying the ransom.

Researchers at Trend Micro said they have seen various versions of FLocker over the last year and the activity level of the ransomware has varied. The newest version of the malware, however, includes the ability to infect art TVs, many of which run Android.

Why can't someone hack the cable box & free hb

[Joe_Dragon]

Why can't someone hack the cable box & unlock free hbo? holding the cable co / hbo and get a nice ransom from them?

Re: Why can't someone hack the cable box & fre

[Blythe Bowman]

Free HBO? That was the cool thing to do.....in the 1980s (Having grown up in the 80s, I remember this well, along with IRoc cars, La Bamba (movie and song remake), and casette tape Walkmans)

Re: Why can't someone hack the cable box & fr

[ArmoredDragon]

I was doing it as late as 2004. Why? Because breaking smart cards was more fun than actually watching TV, which has mostly uninteresting crap.

Re:

[kelemvor4]

Why can't someone hack the cable box & unlock free hbo?

That's been done ever since HBO was a thing. From the days of analog cable boxes through today.

Manufacture Dream Come True

[ninthbit]

Sorry sir, we no longer support that model (or your warranty doesn't cover software). We can service it for 90% of the cost of a new TV, or recommend some of our newer models.

Re:Manufacture Dream Come True

[Anonymous Coward]

Anyone who buys anything with "smart" in the name deserves every bad thing that happens to them.

You need a smart TV like a fish needs a bicycle.

Re:

[Yvan256]

https://www.youtube.com/watch?... [youtube.com]

Re:

[Noah Haders]

Does this also apply to art TVs?

Re:

[jandersen]

Welcome to the IoT; what will people pay for being able to control their heating, freezer, oven etc etc again?

another reason to never connect a TV to ethernet

[swschrad]

always have a throwaway box first, like for instance, an antenna switch for rabbit ears or rooftop.

Re:

[jedidiah]

>> always have a throwaway box first, like for instance, an antenna switch for rabbit ears or rooftop.
>
> Ha ha! Connecting a TV with Ethernet. You must be old. Does your house smell like onions and old books? How's your prostate working??

You're confused. Wireless is for people that have old houses that are the equivalent of an old man with a bad prostate. Wireless is what's for people that can't or won't get with the times.

Re:another reason to never connect a TV to etherne

[meerling]

Wireless is a LOT slower than wired, so if you are a casual user of the internet I guess you could get by with just wireless.

Re:

[Grishnakh]

That's not an option with many new TVs: they require network connectivity or else they won't even work as a TV or display monitor.

This is probably a good reason to buy your TV from Walmart actually: it's trivially easy to throw stuff back in the box (poorly) and get a full refund at your local Walmart. With Amazon, they'll probably require you to pay for return shipping costs.

Re: another reason to never connect a TV to ethern

[Anonymous Coward]

Just don't fucking buy a TV with networking. Are you having difficulties understanding that?

Re:

[Opportunist]

Is there still one offered without?

Re:

[Cro Magnon]

I still have a "dumb" TV. It's not big screen, only 32", but good enough, and a better fit for my not-so-big living room anyway. And no ransomware worries.

Re:

[Anonymous Coward]

He was asking if you can buy one (in the present tense), not whether or not you already bought one in the past perfect tense. This is about 2016, not 2008.

Now, if you wanna tell us that you recently bought your dumb TV, and also mention its manufacturer's name and its model, great! You'll be contributing to the conversation. (Otherwise: WTF, dude? We care as much about your old TV as your old coffee-maker or your favorite brand of toothpaste.)

Re:

[farble1670]

Not really. You can buy computer monitors, but they don't get much above 32".

Re:

[Lumpy]

Really? then how did I get this planar 50" that is just a basic display with inputs only?

Re: another reason to never connect a TV to ethern

[Opportunist]

We would like to know that too, so in case you ever find out, please enlighten us.

Re:

[farble1670]

>32" is out of the main stream for computer monitors. If you search on Amazon, you get a bunch of oddball shit, about half of which is priced exorbitantly.

https://www.amazon.com/s/ref=n... [amazon.com]

Which one of these "reasonably priced" models do you own? Whichever one, that wasn't exactly a savvy purchase. They are more expensive than a 2016 4K TV, and don't have any of the image enhancement features of modern TVs (upscaling, local dimming, etc) and aren't newer display technology like VA, OLED, IPS.

Only one of t

Re:

[farble1670]

I may be poor, but paying more for less is retarded. If the shoe fits.

Re:

[Lumpy]

Yep, it's called a commercial set. and contrary to the videophiles, they have an awesome picture.

Re:

[TroII]

In 5 years you may not be able to buy a dumb TV anymore, as manufacturers are shifting away from them. It's rather onerous to buy a dumb TV now, unless you want to order one online and deal with returning the first couple that show up broken. Go to any big box store and look at the big screen display televisions they have hooked up. Almost every one of them is internet enabled and some of them are internet required. As in, if you turn on your TV and it can't phone home to the mother ship, you aren't watchin

Re:

[tlhIngan]

That's not an option with many new TVs: they require network connectivity or else they won't even work as a TV or display monitor.

This is probably a good reason to buy your TV from Walmart actually: it's trivially easy to throw stuff back in the box (poorly) and get a full refund at your local Walmart. With Amazon, they'll probably require you to pay for return shipping costs.

I would be extremely surprised if a tv did this, as its a good way to get returns. Because there are many reasons why a network conne

Re:another reason to never connect a TV to etherne

[fnj]

That's not an option with many new TVs: they require network connectivity or else they won't even work as a TV or display monitor.

Proof or you made that up. I'm going to block everything outside my LAN to the TV at the router.

Re:

[meerling]

Get your router tables ready, you're going to be setting up some new rules real soon!
I'm to lazy to go look up the articles for other people. Today, I'm not even doing it for myself. :P

Re:

[Pascoea]

I guess my biggest question is if you aren't using the "smart" features of the TV, installing apps, browsing the internet, etc, how is it getting infected with malware? From what I'm reading (in the sparsely detailed linked article) this isn't something that gets brought in from outside the device (bringing it in on an infected phone or pc), you have to install the offending app on the TV.

It seems to me that the only people that are affected by this are the people that want to use the "smart" features of t

Re:

[Grishnakh]

Yeah, that's a good question. I really don't know, but you're probably right: if you don't mind being spied on by the TV maker (which is why it needs to be connected to the internet ultimately, for the phone-home "feature"), but don't mess around with any of the other "smart" features, and especially if you're behind any typical NAT router, I don't see how you'd get infected with anything unless the TV maker's own service gets compromised.

Re: another reason to never connect a TV to ethern

[Blythe Bowman]

How about Ethernet/WiFI===>cheap smart tv box===>good quality non-smart tv? The boxes are small enough now to simply mount to the back of your set or hide somewhere and if the box gets bricked/turned into a storage device for illicit material that a bot net uses, you simply replace the box and throw away/grind it down.

I'll stick with my 50" monitor

[by (1706743)]

For local content, an RPi2 works flawlessly ($35). For streaming, a first generation Chromecast works flawlessly ($35). For anything else, a laptop and a long HDMI cable does the trick.

If my Chromecast gets infected, that would be a bummer but I'd be out $35. If my RPi2 gets infected, I'll wipe it and start over again.

Re:

[BlackHawk-666]

That may be right, and certainly is for 1080p H.264 playback. I think (but can't recall for sure) that it wasn't fast enough to handle 1080p HEVC (H.265) playback, which is how I get most my content these days. That said, an ODROID-C1+ is quite capable, and just as easy to set up as the RPi, and about the same price.

I actually use my Sony Android TV these days, now that after a few patches it can actually play back the 1080p HEVC content (and 4K content, it was shit at doing this on release).

Hopefully, very

Re:

[by (1706743)]

Yeah, pretty sure you're right about h265 on the RPi -- it does h264, VC1 and MPEG2 with hardware decode. (I think the RPi2 is fast enough to do MPEG2 in software, not sure though.)

I have an Odroid C1 (not C1+), but I never got it working as smoothly as I wanted. I think h265 worked, IIRC, but I had problems with audio passthrough, MPEG2 stuttering, and I think some of my BD rips (either h264 or VC1, can't recall) likewise had some jitter. Plus, the HDMI-CEC support never worked for me...though maybe I s

Re:

[hackwrench]

This exploit puts software on Android systems in such a way that the usual install path doesn't see it. It's as if were the system capable of asking, "Are you new here?" the malware would say. "No, I've been here all along." and the system would be like, "Okay, then... carry on."

Re:

[Opportunist]

But of course we still have schools, don't be silly. They have just been repurposed. From places where kids learn something to places where kids are being stored for at least a few hours so their parents can get rid of them.

Like, you know, those summer camps were. Just for the rest of the year.

Re: Unknown Sources

[Blythe Bowman]

Schools ==> sKOolz. Idiocracy is comming....... (look at how kids "mature" into adults now compared to even 40 years ago. ::shudders::)

Re:

[Opportunist]

Mature? Take a look at YouTube. Watch a few videos. Tell me that the average person is an "adult" in any other way than what the judge cares about.

Re:

[meerling]

The stupid is already here, but they haven't been able to completely shut down the schools yet, though they do keep degrading their quality.

MAKE APPS APPY AGAIN!

[Anonymous Coward]

For too long, LUDDITES have been writing LUDDITE software disguised as apps like this ransomware "app", taking away jobs from hard-working app appers. Vote for Appald Trump, and he will MAKE APPS APPY AGAIN! All LUDDITES will be deported to LUDDITE Mexico, and American companies will be forced to app apps that app other apps!

Apps!

Re:

[meerling]

First, that's incorrect. Stop falling for old myths that were never true to begin with.
ijunk has less malware, because there are less of them. The writers of malware want to nail as many potential suckers as they can, so most of them target the big herd. Of course, there is something to be said for targeting the smaller more complacent herd that incorrectly believes it's invulnerable since almost nobody shoots at them.

Wasn't it just last week

[H3lldr0p]

where /. was asking why people wanted or avoided "Smart" televisions?

Consider this exhibit A in the Not column.

"infect art TVs"

[rhysweatherley]

This is why I only use "science TVs"!

Re:

[SeaFox]

Maybe they are referring to a large-screen version of those LCD picture frames that play a slideshow from off a SD card.

Re:Don't Know Why They're Call Smart TVs

[Opportunist]

They're smart. Relative to the people buying them.

"Smart"

[grasshoppa]

The only "smart" in "smart" TVs is the marketing effort behind them which convinces the sheep they want one.

Re:

[BlackHawk-666]

Quite right, only the marketing...that and the general purpose CPU chips, often ARM based that run a variant of Linux / Android and are able to perform general purpose computing tasks. As a programmer that's quite an interesting proposition as I could run my own code on the TV set.

Most of the mid-high end TV sets are smart TVs, so if you want a decent 4K set with high colour depth, frame dimming, a selection of display modes, high fidelity rendering of scenes, etc...you're going to have to get a smart TV. I

Why you don't want most Things to be Intelligent.

[gurps_npc]

Multiple function devices always give up some functionality. "Flying cars" are expensive, poor cars and expensive, poor planes. Swiss army knives are great, but never as nice a blade as a good hunting knife.

TV/VCR Combo are stupid know. Ten years from now, the smart TV will also be stupid. Better to get a huge monitor and connect it to a good computer - that you can update in 5 years, keeping the monitor for another 10

Smart TV's etc. are not worth it.

Re:

[The Conductor]

TV/VCR Combo are stupid

Heh, my combo set (which I didn't pay a dime for, and whose VCR broke long ago) can't play DVDs through the video input. The video passes through the VCR's AGC circuit whether I am using it or not, and Macrovision signal corruption creates brightness flicker as is its pathological intent. I use my xdimax Grex time-base corrector on it when I must.

I always recommend against "smart" TVs myself. To describe it succinctly, the upgrade life-cycle of a TV is much longer than the upgra

Why you don't want Things to be Unmaintainable

[Sloppy]

I think people are learning the wrong lesson here. This story is why you want your computer (whether it's in a separate box or inside of the monitor) to be maintainable.

Boot your computer from rescue/install image and either remove the malware or re-install (preferably a newer version of the OS, which doesn't contain whatever bug enabled the installation of the malware in the first place). If you can't do that, then it's a shitty computer no matter how big the bundled monitor is.

It doesn't matter that the m

Re:

[gurps_npc]

That's not my take away. Computers are by definition generic machines. They have to do everything - be a spreadsheet, be a word processer, be a video player, connect to the internet, be a phone, etc.

That is what I object to - putting all that EXTRA tech in my dedicated Video viewing device. When you make something do too much, it DECREASES it's life expectancy and tremendously decreases the chance something will go wrong.

Basically, you can NEVER get a good SmartTV, no matter how much you try because it g

Those monsters!

[Opportunist]

Not during the football Euro Championship! How can you!

Sweet

[argStyopa]

And if you can imagine implementing the whole "internet of things" you could wake up every morning to find out something like this about all sorts of critical systems on your house!

The "internet of things" is a COMPLETELY stupid concept; I'm not sure why people seem to keep promoting it.

Re:Sweet

[HornWumpus]

Switching powers supplies, reactance and the electric grid.

Old school power supplies are resistive, they draw a little less power when the line voltage drops,

Switching power supplies have complex reactance. When the voltage drops, they draw higher current.

When the grids reactance as a whole stops being mostly resistive, the grid goes unstable. The higher current draw further pulls down voltage, which pulls more current...

The choices are smart devices that know not to draw higher current (sometimes) or maintaining 51% of the load as resistive.

Re:

[hankwang]

"The choices are smart devices that know not to draw higher current (sometimes) or maintaining 51% of the load as resistive."

Thank you, my universal 100-240 V AC laptop adapter won't work anymore in the US and your US one will go up in smoke and flames in Europe. Or your tv will black out when the freezer/airco switches on...

Attack Vector

[nuckfuts]

As someone who doesn't use any features of a "Smart TV", I'm curious what the attack vector is?

Re:

[farble1670]

Usually a browser exploit coming from a pr0n or gambling site, but also from malicious apps that utilize exploits.

Re:

[jetkust]

The attack vector is going to the FLocker web site, clicking on the "How to install ransomware on my TV" link, and following the installation instructions.

One more reason

[onyxruby]

That disconnecting your smart TV from the Internet is the smartest thing of all. I want a screen, not another marketing / malware opportunity.

Really? TVs?

[farble1670]

Security researchers have discovered a variant of the FLocker Android ransomware that not only infects mobile devices, but also can infect smart TVs running certain versions of the operating system.

Oh so you mean the malware doesn't inspect the screen resolution and block itself from running if it's a large screen? Fascinating.

Re:

[eth1]

Security researchers have discovered a variant of the FLocker Android ransomware that not only infects mobile devices, but also can infect smart TVs running certain versions of the operating system.

Oh so you mean the malware doesn't inspect the screen resolution and block itself from running if it's a large screen? Fascinating.

If it did that, it would be locking the TVs and not the phones :P
HDTV: 1920 x 1080
Galaxy S7: 2560 x 1440

Re:

[farble1670]

Ok, screen size (which is a parameter in Android).

Place Smart Devices on an Isolated VLAN

[Sadsfae]

I've been unfortunate enough to garner a few IoT devices, including a Samsung Smart TV. With a little bit of effort and a decent Asus Router with Tomato firmware I've placed any questionable devices on isolated VLANs [hobo.house] so they don't affect the rest of of my trusted network. I can also block or whitelist their outbound traffic if needed.

Re:

[BUL2294]

For now, your only concern is that your Samsung Smart TV isn't infecting your other IoT devices? You'll still be mighty pissed off when a "legitimate" ad network lets some ransomware masquerading as an ad come across one of the extra ads Samsung wants to display on your TV... But hey, it's only $200--until you realize that Samsung has no fix or security update... So, nothing prevents you from getting the same ransomware over and over...

And even then, it's only a matter of time before someone figures out

Re:

[account_deleted]

Comment removed based on user account deletion

I told you so

[Trogre]

And you still thought connecting your TV to the Internet was a pretty neat idea.

I told you so.

Ransom Ware

[Richard Brandshaft]

The root problem is this: The Android system does not allow you to back up images of your device (via USB to a PC or Mac) and restore the device from a PC or Mac when something goes wrong. With Desktops and Laptops, I save images of C: and Macintosh HD (using Paragon software for PCs, the built in Disk Utility for the Macs). I also save my data on other partitions than C: or Macintosh HD where allowed. When something goes badly wrong I don't even try to figure it out; I just restore the last good image