There is an estimated 400,000 homes across Ireland that use dodgy boxes to stream content illegally in their homes, that could all fall victim to a serious threat
Dodgy-boxes have become widely used in Ireland
Millions of TV boxes and similar devices used for illegal streaming could now be infected by dangerous malware experts are warning.
Dodgy boxes have grown in popularity over the years, alongside the rise of streaming services. People can pay as little as €40 or €50 per year for the modified device, which allows users to access different streaming platforms at no additional cost.
In Ireland there are an estimated 400,000 households in Ireland that could be at risk for what experts are saying is the most serious threat to global internet security seen in years – the so-called ‘Kimwolf’ botnet.
In the last few months, cybersecurity experts have been monitoring a new ‘botnet’ – a global network of private computers and devices that have been infected with malicious software (malware) and are now under the remote control of criminal gangs.
The gangs are using off-brand Android TV boxes as Trojan Horses, to smuggle pre-installed Malware into the home devices and networks of people who buy them.
There are fears that these dodgy boxes used to stream TV services could act as a spy in your home, stealing your most sensitive data and infecting other devices anywhere in the world, reports Cork Beo.
These infected devices can both relay sensitive information from that device and use it to spread the infection to other devices, which are then joined to the ‘botnet’ as the malware spreads exponentially.
The Kimwolf malware is also using the net to launch distributed denial-of-service (DDoS) attacks.
These are mass attacks on websites and information systems designed to take them down. They are a version of the attack on May 14th 2021 that targeted Ireland’s Health Service Executive (HSE) – this ransomware cyberattack caused all of its IT systems nationwide to be shut down for months and is believed to have been orchestrated by a Russian-based criminal network.
The latest major botnet concern – dubbed ‘Kimwolf’ – uses ‘residential proxy networks’, which are popular with people looking to anonymize and localise their web traffic to a specific region – to bypass firewalls and other protections.
These TV boxes are now being used by criminal gangs based mostly in Russia and Asia – making money by ‘renting out’ the devices and bandwidth they have captured and are now controlling.
By using a hidden tool called Byteconnect SDK, they can secretly install apps on our devices, earning a referral fee for each one without the owner ever knowing. They can also operate a DDoS-for-hire service, renting out the entire 2-million-device army to other criminals looking to take down a major website or network – as happened with the HSE in 2021.
If you want to get more information on how to protect yourself – or wish to report suspected fraud – Ireland’s National Cybersecurity Centre has plenty of online resources here.