When shopping for the best streaming devices, it can be tempting to seek out the cheapest option, one that has all the features of more expensive models at a fraction of the price. While that can sometimes lead to some spectacular budget buys like the Roku Streaming Stick 4K, it can also lead you to some pretty sketchy devices that, according to a new report, come preloaded with malware.
The devices under fire for distributing malware are made by AllWinner and RockChip, two Chinese-based companies that have hundreds of 5-star reviews on Amazon.
First discovered by a Redditor, Daniel Milisic, and corroborated by an independent security researcher who spoke to TechCrunch, models like the AllWinner T95 that’s currently sold on Amazon for $35 connect to a botnet of thousands of other devices in homes all over the world. Currently, all these devices are instructed to secretly download a clickbot that will click on ads in the background to generate money for the device’s manufacturer.
This is fairly innocuous for malware, but the way the distribution of malware works is that at any time that botnet could be reprogrammed for a more nefarious purpose — like stealing user data — and the owners would be none the wiser.
So what do you do now?
Thankfully, Milisic reported the botnet network to the internet hosting company that was hosting those servers and it pulled them offline. That said, they could easily go back online with a new provider at any time.
“I think the only way to mitigate this problem is to hold retailers to a higher standard,” Milisic told TechCrunch. “[Amazon’s] not allowed to sell children’s toys made out of spinning razor blades, why is it OK to let small, unknown vendors sell computers acting maliciously without owners’ knowledge and permission?”
The point is a good one — but an Amazon representative declined to comment on whether the company would take steps to prevent problems like this in the future.
This leaves users with a tough choice: either toss the Android TV box they just bought and buy one from a more reputable company, or continue using the one they have and risk future consequences if/when the bot network comes back online.
According to Tom’s Guide’s Senior Editor of security and networking, Anthony Spadafora, "You always have to be careful when buying any internet-connected device. Going with something cheaper may seem like a win at first but if your data is stolen or hackers manage to steal your identity, that cheap Android TV box will end up costing you a whole lot more. This is why you want to stick to known vendors and do plenty of research before buying any gadget. Even on Amazon, Walmart and other well-known sites, compromised devices like these can slip through the cracks and put you and your family at risk."
Need a new Android TV box? Here’s our top 3 picks
Thankfully not all Android TV boxes come preloaded with malware, and there are a few truly excellent devices out there worthy of your time and money.
In my experience, the best Android TV box with the best specs, performance and most flexibility for customization is the Nvidia Shield. It’s on the pricier side at $149, but it offers ambitious AI upscaling and surprisingly solid game streaming from Nvidia’s GeForce Now service. If you plan on using your Android TV device for more than just streaming the latest Netflix show, it’s a great option.
That said, if you want something cheaper, the Onn Android TV UHD streaming device is similar to the ones made by the Chinese companies without the malware. It’s not as powerful, but it’s the cheapest Android TV device for basic streaming needs.
The middle-of-the-road option is the Chromecast with Google TV, which is like a better version of Android TV. It still has a lot of the same features as Android TV like the ability to Cast shows and movies from your phone, but the Google TV interface does a much better job surfacing and recommending new content for you to watch.