Asking the real questions here – can a smart TV get a virus? We’re about to find out. If you’re into gaming or streaming, you’ve probably bought yourself a wide QLED.
Smart TVs are awesome since they give you access to tons of content without the need to use an intermediary – remember when you had to hook up your desktop or laptop to the TV just to see a movie?
Since most smart TVs out there run an OS akin to Android, the question about whether or not TVs can get viruses seems only natural. So, if you’re still worried about someone hijacking your smart during an epic streaming night, check out this guide. Enjoy!
It started with a tweet…
Like every ‘great’ Internet smash, the entire smart TV malware gig started with a tweet from Samsung. Try as I might, but I couldn’t get ahold of the said message since the company was kind enough to delete not long after it went live. However, it did not go away quietly (into the night) – pretty soon, people began wondering whether or not their TVs are safe.
Per Samsung’s statements, the tweet was part of their cybersecurity awareness campaign.
Awareness or not, it does pose a rather interesting question: can a smart TV get a virus? Everybody agrees to disagree that the answer is “no” since smarts do not tap into the same resources as PCs, Macs, tablets, or smartphones. True, but not very convincing.
So, I started poking around to seek the answer to this elusive question. Long story short – yes, your smart TV can get a virus if you download stuff that, well, you shouldn’t download. Android TVs are more vulnerable compared to the non-Android models since they have full access to Google Play’s apps library.
Yes, one wrong download and you can probably end up with a bricked set or even with a compromised router. Daunting as it may seem, the chances of this actually happening are slim to none.
Of course, many agree that any kind electronic device can be hacked, but is it really worth it? Think of it this way: if someone were to hack his way into your PC, he could steal precious stuff like financial info. That’s a prize worth having.
Thor Foresight makes sure that link is safe!
Your parents and friends will click any suspicious link, so make sure they're protected.
Thor Foresight provides:
Automatic and silent software updates
Smart protection against malware
Compatibility with any traditional antivirus.
Stepping up the game
First of all, a wide-spread cyberattack should be capable of targeting several types of chipsets. It’s true that most smart TVs use ARM- or MIPS-based cores, but the tech itself used to bring the sets to life, differs from that employed to build PCs or smartphones.
That would be the first limitation. The second one would be the fact that all TV operating systems are written in ‘read-only’ form, which means that the set itself can view and read the code, but it cannot write or overwrite on its own accord.
So, what does that even mean? Well, it kind of translates to someone having to redo the whole code to change the attribute from ‘read-only’ to ‘read-and-write’. Sounds easy enough on paper, but reality says otherwise; no one’s going through that much trouble just to hack a TV set!
Another ‘countermeasure’ smart TV manufacturers use is the digital signature. Each time a new firmware update becomes available, it simply overwrites the old one. Being digitally-signed means that in the event that malware does find its way inside your TV, it will simply be picked up by the in-built antivirus and deleted.
Now, even if the malware manages to evade detection (and that’s a very big ‘if’), worst case scenario – it will gain access to the TV’s config & general settings sections. Not much damage it can do from there (maybe trigger a voltage overload in those CPU cores or something).
So can a smart TV get a virus?
Not quite – TVs, just like any other electronics, CAN become infected. Well, that’s a bummer – how can a device get and not get infected at the same time? Let me try to clear things up a bit. So, for a TV to get viruses, Trojans, or any kind of ransomware, you would need to perform a specific set of actions.
For instance, if you insert a USB flash stick that harbors a bug, then your smart TV gets infected. It’s as easy as that. There’s even a story to go along with that claim; several of them, actually.
Fishing for Trojans
Apparently, in 2015, a Tom’s Guide user reported that he unwillingly transformed his Samsung smart TV into a breeding pool for trojans. As the story goes, the user plugged a USB stick into the TV without knowing that the stick was infected with win32.waldek.ACL, a trojan notorious for its ability to reconfigure the affected machine’s DNS and to restrict access to some websites.
Nothing appears to have happened to the TV, but once the user inspected the thumb drive on a computer, he saw that it was indeed infected with that particular trojan. His AV managed to bust the win32 variant, without any issues.
However, each time he would plug the stick into his TV and then back into the PC, his AV would detect an infection. I don’t know how this story ends, but I guess returning the set to its factory setting can root out just about any kind of malware from the smart TV’s buffer.
There are other accounts of smarts getting bitten by the ‘love bug’.
When gaming turns…viral
During the same year, Candid Wueest, a cybersecurity researcher managed to prove what others couldn’t: that someone can hold your TV for ransom. In other words, ransomware’s universal. Now, keep in mind that Wueest’s ‘experiment’ worked because, well, he wanted it to work.
Here’s how it went down: in his demo, Wueest managed to infect a Sony Android TV with ransomware using a Man-in-the-Middle attack, by replacing a game installation file with ransomware. As a result, the TV locked itself up. What’s even worse is that you can’t do anything because there’s no way of actually clicking on the instructions’ link to see the payment details.
So, yes, it’s possible, but certain conditions must be met. First of all, the researcher was able to access the network path; IRL that could happen if the hacker was either on the same network as his victim or hijacks the victim’s DNS resolution.
Second, before starting this unlikely experiment, he enabled the TV’s Android ADB debugging feature, which granted him access to some pretty advanced features. Last, but not least, he knew where the experiment was headed and how it would end.
He eventually purged the ransomware by using the ADB shell. Lesson learned – it can happen, but there’s a boorishly long list of ifs to go along with that assumption.
Sis’s sys got pwned
The winter of 2016 brings us yet another case of what appears to be a ransomware infiltration. Lucky for us, this wasn’t another experiment, but the real McCoy. According to Reddit user u/tell_me_im_funny, his sister’s LG smart became infected while she was navigating on the TV’s web browser.
A couple of minutes later, the set got ‘bricked’, the only thing capable of displaying would be a message reading “Your computer has been infected, please gib money to fix it.”
This time, there was no ADB shell, no access to the network pathway, and no one to call for help. In a later ad-lib, the user said that he managed to ‘unbrick’ his sister’s TV by performing a hard-reset (returning the TV to the factory settings).
Netflix is so gauche
And in hoping I haven’t bored you to death with my cybersec ‘penny dreadfuls’, the last story comes all the way from Kansas. Darren Cauthon, the protagonist and a software dev in his spare time, said that back in 2015, his Google Android-powered smart tv picked up a bug during his attempt at downloading a movie-streaming application.
Cauthon recalled streaming some flick when all of a sudden, the screen froze. Naturally, he tried rebooting the TV. However, upon restart, instead of the familiar LG start screen, Cauthon was met by a message allegedly sent by the Federal Bureau of Investigation. Apparently, the software dev was informed that due to some “suspicious files”, the device has been locked. The full text reads:
Department of Justice
Federal Bureau of Investigation
Washington DC Department, USA
As a result of full scanning of your device, some suspicious files have been found and your attendance of the forbidden pornographic sites has been fixed. For this reason, your device has been locked. Information on your location and snapshots containing your face have been uploaded on the FBI Cyber Crime Department’s Datacenter.
Of course, Cauthon’s first thought was ransomware. And yes, his hunch was right – after downloading the wrong movie-streaming app, his TV became infected with FLocker, otherwise known as Dogspectus or Frantic Locker, a Cyber.Police ransomware variant. Since the bug made it into his TV and not his PC or phone, Cauthon was able to get rid of it by returning the set to its factory settings.
What’s there to be done if your TV does get a virus?
For the sake of argument, let’s say your smart TV picks up a trojan or ransomware. What are you going to do then? Well, there are several ways to root out malware from your device. Check these out.
1. Force-scan the TV and attached storage devices
Most modern smart TVs have in-built antivirus software. Sure, it’s signature-based and wouldn’t make much of a difference in case of Advanced Persistent Threats, but still better than nothing.
Keep in mind that your TV’s AV is not as sophisticated as the one on your computer. Certain functions like auto-scan or scheduled scans may not be available. So, it’s up to you to conduct periodical scans of your device. Here’s what to do:
Step 1. Navigate to Settings using your remote.
Step 2. Go to General Settings.
Step 3. Head to System Manager.
Step 4. Under Smart Security, click on Scan.
Step 5. Enjoy a virus-free streaming experience!
(*) This method applies to Samsung smart TVs. For other brands, please consult the user’s manual. Look for things like “smart security”, “smart hub”, or “online security.
2. Return TV to factory settings
Just like Cauthon, you could return your smart TV to factory settings in case of a ransomware infection. Bear in mind that in a Denial-of-Service attack, some or all of your TV’s functions will be disabled. This means that you will need to find an alternative way to do that. My advice to you would contact your brand’s customer service for technical info.
Now, if you’re the ‘proud’ owner of Samsung smart just like I am, you can find the reset to the factory settings option in Support, under Self-Diagnosis. Keep in mind that you might be required to provide your PIN code to complete the operation (if you haven’t messed around with the security settings, the default PIN is 0000). Bon chance!
3. Regular software updates
Yes, I know that this tip does not qualify as a fix, but you know how it goes with that proverbial ounce of prevention. Anyway, keep your TV’s firmware and all downloaded apps up to date. Almost all smart TVs have an auto-updater or, rather, semi-auto update feature since it will prompt you to install the latest version.
If you have an older set, try checking at least once per month for any updates. Do the same for your apps. Why keeping everything up to date? Because over 80 percent of malware infections occur due to outdated apps which turn into breach points.
4. Wired over wireless
If you can choose between a wired and a wireless connection, go with the first. Wired connections are harder to hack compared to the wireless ones. Of course, there’s the entire cable management issue, but everything can be solved with a bit of patience and some cable ties.
5. Avoid shady vendors
Now, if that TV really can’t wait, do yourself a favor and buy yours from a legit vendor. Don’t fall for bogus discounts, giveaways, or whatnots because that’s how you end up with rip-offs and malware-infected devices. Lesson learned – say YES to Samsung or LG and NO to Samysung or MG.
6. Refrain from plugging (infected) USB sticks into your TV
Seems pretty obvious, but I still need to say it: never, ever stick a malware-infected memory stick or portable hard-drive into your smart TV. It would be wise to run a quick scan on your PC or Mac before plugging in the stick. And I wouldn’t recommend using sticks other than your own.
7. Ditch generic web browsers
If you don’t have an Android smart TV, then you’ve no other choice but to use the in-built one. Now, if you really don’t like the default one, you should stick with the usual ‘suspects’ like Chrome, Mozilla, Firefox, Opera, or Brave. Why? Because they’re much more secure compared to generic ones.
So, can a smart TV get a virus? That would be a “yes”. Still, you should take this with a grain of salt – sure, malware can brick your TV or whatever, but it’s still not nearly as dramatical compared to what would happen if the same bug got into your computer.
As always, keep your apps up to date, perform regular scans, avoid dubious memory sticks, and stick with the big brands. For any question, comments, rants, or suggestions, feel free to shoot me a comment. Cheers!
The post Can a Smart TV Get a Virus? appeared first on Heimdal Security Blog.