Security News > 2023 > September > Mirai variant infects low-cost Android TV boxes for DDoS attacks
A new Mirai malware botnet variant has been spotted infecting inexpensive Android TV set-top boxes used by millions for media streaming.
The primary targets of this campaign are low-cost Android TV boxes like Tanix TX6 TV Box, MX10 Pro 6K, and H96 MAX X3, which feature quad-core processors capable of launching powerful DDoS attacks even in small swarm sizes.
Dr. Web gives examples of Android apps that infected devices with this new Mirai malware variant.
Dr. Web reports the malware can perform DDoS attacks over the TCP and UDP protocols, like generating SYN, ICMP, and DNS flood requests, as well as opening a reverse shell, mounting system partitions for modification, and more.
Budget-friendly Android TV boxes often have a murky journey from manufacturer to consumer, leaving the end-user in the dark about their origins, potential firmware alterations, and the various hands they've passed through.
How the FBI nuked Qakbot malware from infected Windows PCs. GRU hackers attack Ukrainian military with new Android malware.
News URL
Related news
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- iOS devices face twice the phishing attacks of Android (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Cloudflare mitigates record number of DDoS attacks in 2025 (source)
- DDoS attacks jump 358% compared to last year (source)
- Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks (source)
- Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks (source)
- New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors (source)