[ad_1]
Does the offer "Do not pay for the cable" tempt you?
That should not be. This should seem hateful, not only because hacking is illegal and unfair to content creators, but also because researchers have discovered that pirated streaming devices are full of malware and / or open the door to their release.
According to a report released Thursday, researchers have discovered that many devices are equipped with malware, either on preinstalled applications or added later.
In order to assess the ongoing hacking ecosystem, researchers at cyber security firm Dark Wolfe Consulting and Digital Citizens Alliance (DCA), a consumer-centric group dedicated to Internet security, have purchased six streaming devices using the Kodi platform.
Kodi is a free, open-source, media player that is very useful for modifying and adding pirated streaming devices. Researchers verified among Kodi devices that 70% had been reused or loaded with applications that access unlicensed content.
These devices are purchased by people who prefer not to pay for content and who may not be aware of the extreme risks we run when we connect them to our home or office network. That's a lot: the researchers noted that in December, there were about 12 million active users of the "TV Addons" application repository, which runs under Kodi.
The devices are very cheap compared to a legitimate Apple TV or Roku streaming device and at subscription prices for Netflix, Hulu or HBO broadcasts. Kodi devices, sometimes called "Kodi boxes" or "jailbroken Fire TV Sticks", look and act like real streaming devices. You can buy them in the two underground markets on the dark Web or on the sunny side of the street in places such as Facebook Marketplace, Craigslist or eBay, for a single fee of 75 to 100 USD.
This will give you access to what researchers view as a range of pirated content in full swing, including the latest movies – even when they're still in theaters – or live events such as boxing matches at the map or high-level football matches. The report includes a screenshot of a hacking application, Exodus Redux, which featured movies such as Aquaman a full week before its release in December.
In Spider-Verse or in a world of e-injured?
The researchers said that what most users do not realize, is that plugging one of these devices into their home network is like pulling a Trojan through the main gate: these devices allow hackers bypass the firewall security of the home network router, for example. All applications already on the box or downloaded later can trigger malicious programs, all under the pretext of "free" content.
The devices are easy to exploit for hackers for several reasons: first, they are connected to the home network and bypass the security of the router. Secondly, normal security protections are usually not installed or disabled to support continuous hacking applications. On Androids, for example, disabling security features opens a specific Internet port that botnets consistently search for. This leaves the devices open to allow hackers to target and then infect.
In addition, users often have to grant full administrator access to use the applications, including permission to access all of the device's memory, location, and location. 39, other safety protections. In other words, the users give the keys of the kingdom.
Home very much not alone
During 500 hours of laboratory testing, researchers were confronted with these and other risks by stating:
- As soon as a researcher downloaded the Mobdro application for the illegal distribution of live sports movies and broadcasts, the malware in the application transferred the Wi-Fi network name and the researcher's password to a server. apparently Indonesian.
- Malware has polled the network of researchers for vulnerabilities to access files and other devices. Malware downloaded 1.5 terabytes of data from the investigator's device without permission.
- Mobdro has sought to access multimedia content and other legitimate applications on the researcher's network.
- In one scheme, scammers have proposed illegally using a legitimate Netflix client subscription, such as Netflix, as well-known streaming sites.
GroupSense, a cybersecurity company, collaborated by infiltrating dark Web chat rooms, where it uncovered hackers seeking to exploit the vulnerabilities of hacker-based applications, as well as using malicious software to drive devices into a network. botnet in order to use them during attacks or cryptography. Other discussions focused on how to obtain information stored on devices, such as photographs, passwords and credit cards.
The possibilities of mischief and chaos are multiple, says the report:
Since users rarely install anti-virus tools on such devices, there are many possibilities for exploitation.
Arrrrr, ouch!
Keep in mind: Digital hackers might think that ripped media is free, but it's not a good deal considering these serious risks.
Researchers want to see these measures taken to reduce these security risks:
- The forces of order should give priority to the investigation and prosecution of these criminal networks.
- Consumer protection agencies, both federal and state, should warn consumers of the risks that illicit devices and hacking applications present for their safety and home appliances.
- Government agencies and businesses should warn employees of the potential risks of using these devices on their networks so that they do not become a means of accessing networks or stealing sensitive information.
- Digital markets such as eBay, Craigslist and Facebook Marketplace should prohibit the sale of hackers.
[ad_2]
Source link