Android Malware Holds Smart TVs for Ransom

Staff Writer
Updated

Android-based smart TVs may be a great way to add apps to your living room, but the same malware that hijacks Android phones and tablets is now targeting the biggest screen in the house. The Tokyo-based security firm Trend Micro reported on Monday (June 13) that FLocker (short for "Frantic Locker") ransomware is now capable of locking up Android TV sets.

Credit: Sergiy Palamarchuk/ShutterstockCredit: Sergiy Palamarchuk/Shutterstock
The latest variant of FLocker displays a purported notification from a law-enforcement agency, including the Japanese Ministry of Justice and the fictional U.S. Cyber Police. Like similar "police Trojan" ransomware, FLocker first accuses the user of criminal charges, and then demands a "fine" of $200 US in iTunes gift cards.

MORE: What Is Ransomware and How Can I Protect Myself?

While Trend Micro doesn't explain what changed in FLocker to enhance its set of skills, the concept of smart TVs as targets of malware is not new. Last November, security researcher Candid Wueest published a proof-of-concept for smart-TV ransomware on Security Response, a Symantec company blog.

FLocker has been hitting Android devices since May 2015, and Trend Micro claims it's seen more than 7,000 variations of the code in that time. Once the latest version of Flocker lands on a system, it hides in wait for 30 minutes before locking your screen.

Android TV runs on a number of mass-market televisions, including Sony's latest Bravia TVs and Sharp's Aquos line.

In order to keep your Android TV safe from malware, don't use SMS messaging or web browsing on your television. If you must, make sure to never click suspicious links in texts and on sites.

Fortunately, FLocker is not encrypting ransomware. The malware is only locking the device's display. To break free of FLocker, you need to connect the Android TV (or other Android device) to a PC, launch the Android Debug Bridge (which should be presented as an option) and execute the command "PM clear %pkg%".