Security News > 2020 > August > Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers

Vulnerabilities Expose Popular DVB-T2 Set-Top Boxes to Botnets: Researchers
2020-08-27 14:31

Avast security researchers have identified vulnerabilities in DVB-T2 devices that could allow attackers to ensnare them in botnets.

Many such set-top boxes are primitive, consisting of a TV tuner and an output device, some packing Internet support, and many are highly insecure, Avast's security researchers reveal.

Analysis of two popular devices, namely Thomson THT741FTA and Philips DTR3502BFTA, revealed a series of vulnerabilities that could be exploited to inject malware and create botnets of set-top boxes.

The researchers discovered that it was possible to move the DNS hijack attack to the device, and that persistent storage on the device was also available, which could essentially allow an attacker to store malware payloads or other tools, thus persisting through reboots and resets.

The researchers successfully downloaded a Mirai version onto the set-top box, which, they discovered, closed the telnet daemon, thus preventing other malware from infecting the same device, and started scanning the Internet for additional devices to infect.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/ATcO-OLn5hA/vulnerabilities-expose-popular-dvb-t2-set-top-boxes-botnets-researchers