Using uncertified Android TV boxes to watch your favourite shows? Here's why you shouldn't

Members of the public are advised to be vigilant about non-certified streaming devices, which may expose users to malware.

Commonly known as Android TV boxes, these devices can be plugged directly to the television to watch streamed content.

There are various types of Android TV boxes. Those that are certified will support official, licensed applications such as Netflix and Disney+, while non-certified devices often support illegal streaming sites or distribute malicious applications.

"Users who visit illegal streaming sites or download unofficial applications through their non-certified TV boxes may be exposed to malware that can compromise their home networks and personal information," said the police and Cyber Security Agency of Singapore (CSA) in a joint advisory on Nov 12.

Malware present in affected TV boxes will infect users' devices with malicious applications, turning it into part of a botnet - a network of compromised computers used to carry out cyberattacks such as Distributed Denial-of-Service (DDoS) attacks and spam campaigns.

The malware also commonly steals users' personal data and users' Internet Protocol (IP) addresses to commit crimes. These include phishing campaigns, spam email distribution, ad fraud and online scams.

Users affected by such malware may notice slow device performance, unusual account behaviour, persistent pop-ups, suspicious programmes and system instability on their devices.

Users are advised to adopt the following precautionary measures to safeguard your personal information and systems against botnets:

1. Use official streaming services or purchase certified streaming devices from reputable brands.
2. Buy products from reputable manufacturers who are more likely to produce devices that are secure, while considering industry standards and best practices for Internet of Things (IoT). Additionally, you can assess a manufacturer's track record of how security vulnerabilities were addressed.
3. Download applications from official application stores and websites. Refrain from downloading applications from third-party websites, as these applications may contain malicious software that gives cybercriminals access to your personal data and device functions.
4. Certain streaming devices supports the use of anti-virus applications. Ensure that these applications are regularly updated so that they can detect the latest malware.

If you suspect your streaming devices have been infected by malware:

1. Disconnect the device from the internet immediately;
2. Run a security scan, uninstall any suspicious third-party apps and check your bank/SingPass/CPF accounts for any unauthorised transaction(s);
3. If malware is detected on your device or there are unauthorised transaction(s), report to the bank, relevant authorities and lodge a police report immediately. Do not perform a factory reset before reporting the incident to the police as this could hinder investigations; and
4. If no malware is detected and there are no unauthorised transaction(s), you may resume usage or choose to perform a full factory reset on the device as a precautionary measure.

If you believe your accounts have been compromised:

1. Change your password immediately and enable Multi-Factor Authentication (MFA), if available, to secure your account. If you have used the same compromised password for other accounts, those passwords should be reset to prevent unauthorised access.
2. Perform a full system scan with an updated anti-virus software if you have clicked on a phishing link or opened a suspicious attachment in a phishing email.
3. If there are unauthorised transactions detected in your bank account(s) and/or suspicious activities in your Singpass account, report the incident to your bank and/or Singpass helpdesk immediately.
4. Report the incident to the relevant authorities and lodge a police report at any Neighbourhood Police Centre or online at https://eservices1.police.gov.sg. You may also wish to report the incident to SingCERT at https://go.gov.sg/singcertincident-reporting-form.

For more information on scams, visit www.scamshield.gov.sg.

• illegal
• scam