Security News > 2023 > September > Mirai variant infects low-cost Android TV boxes for DDoS attacks
A new Mirai malware botnet variant has been spotted infecting inexpensive Android TV set-top boxes used by millions for media streaming.
The primary targets of this campaign are low-cost Android TV boxes like Tanix TX6 TV Box, MX10 Pro 6K, and H96 MAX X3, which feature quad-core processors capable of launching powerful DDoS attacks even in small swarm sizes.
Dr. Web gives examples of Android apps that infected devices with this new Mirai malware variant.
Dr. Web reports the malware can perform DDoS attacks over the TCP and UDP protocols, like generating SYN, ICMP, and DNS flood requests, as well as opening a reverse shell, mounting system partitions for modification, and more.
Budget-friendly Android TV boxes often have a murky journey from manufacturer to consumer, leaving the end-user in the dark about their origins, potential firmware alterations, and the various hands they've passed through.
How the FBI nuked Qakbot malware from infected Windows PCs. GRU hackers attack Ukrainian military with new Android malware.
News URL
Related news
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)
- Recently patched CUPS flaw can be used to amplify DDoS attacks (source)
- Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (source)
- Largest Recorded DDoS Attack is 3.8 Tbps (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks (source)
- Google fixes two Android zero-days used in targeted attacks (source)