Complete with budget Smart-TV, prefix T95 was malicious in

as told Canadian IB-specialist Daniel Milisik, Smart-TV prefix from T95 on Android came to him infected malicious software. Milisik discovered that the prefix was signed by test keys, and the Android debt bridge was open, which allowed anyone to access the device through Ethernet and Wi-Fi.

And with the help of the Pi-Hole program, the researcher learned that the prefix constantly tried to connect to various well-known malware, and the malicious software worked almost like the Copycat malvar, which seizes control over the device, after which it could establish arbitrary applications and make money to make money For operators, showing advertising. In addition, the Milisik said that a harmony called adups was installed on the prefix.

It is still unclear how many such prefixes were sold, but in his post the researcher told how to find out whether the T95 is infected with malicious software. To do this, look for the “/DATA/System/Corejava” and file “/data/system/sharedprefs/openpreference.xml” on the device. If they are, then the device was hacked.

In his Github-post, Milisik proposed a method of partial disconnection of malicious software. To do this, you need to break the connection of the prefix with the servers that control the hackers. Less advanced users, the researcher recommended simply turning off the device, as the reset to factory settings does not help – the malvar is simply installed again.

/Media reports cited above.