ADB.Miner on Amazon’s Fire TV devices

357

A new spate of malware infections has the potential to interrupt your viewing as the Amazon’s Fire TV device secretly mines cryptocurrency in the background.

An Android virus, specifically a malware worm variant, has been spreading across Android devices and has started appearing on Amazon Fire TVs and Fire TV Sticks. The worm is not specifically targeting Fire TV devices, but they are vulnerable because of their Android-based operating system. A thread on the XDA forums contains multiple Fire TV owners whose streaming media players have been infected by the malware. Here is everything you need to know about the virus, including what it does, how it spreads, how to know if your devices are infected, how to prevent getting it, and how to remove it if your device is infected.

ADB.Miner is a worm, meaning it can spread to multiple devices across a network. So, users installed an infected app (usually an emulator or streaming app) on the Fire TV or another local Android device. If ADB debugging is enabled on the Fire TV stick, the worm can set up shop there even if it was installed someplace else. Leaving the “unknown sources” toggle for sideloading apps activated could also leave you vulnerable. These are both off by default, so someone would have to make changes in the settings to give the worm access.

When this rogue app infects a device, it installs a seemingly innocuous package called “com.google.time.timer.” The malware consumes resources as it mines cryptocurrency for the malware author. This leads to sluggish system performance and laggy video. Playback will even stop on occasion with a notification that says “Test” in the corner. This popup is often the only sign something is wrong with the system. If you aren’t using the device often, the malware could sit quietly next to your TV and gobble up electricity to make money for online criminals.

The simplest way to know if your device is infected is to see if you have an app named “Test” installed. If the app is present, it DOES NOT appear in the Fire TV’s regular app sections or in the Fire TV’s application management settings. You’ll need to use an app like Total Commander to check for the “Test” app.

Install Total Commander from the Amazon appstore onto your Fire TV device.
Launch Total Commander and select the “Installed Apps” menu item.

If you see an app called “Test” installed on your device, then your device is infected.

The easiest way to get rid of ADB.Miner is simply to factory reset your infected devices. That includes the Fire TV and whatever other Android devices on your network may be acting as carriers. You can manually remove the com.google.time.timer package, but you never know if the worm has left some other nasty surprise. Starting from scratch and being more careful what you sideload is a better bet.

Virtual currency is not legal tender, is not backed by the government, and accounts and value balances are not subject to consumer protections. The information does not constitute investment advice or an offer to invest.

MinerNews.io is is not responsible for the content of external sites and feeds.