The Android-based TV box infection known as Android.Vo1d has affected about 1.3 million devices in 197 countries, with the majority of infections found in countries like Brazil, Russia, and Saudi Arabia. The malware is a backdoor capable of secretly downloading and installing third-party software when commanded by attackers. The trojan disguises its components as system files like vo1d and wd, using methods like modifying install-recovery.sh and daemonsu files, and substituting the debuggerd program. The attackers likely targeted TV boxes due to outdated Android versions and users’ misconceptions about their security. Dr.Web antivirus can detect and cure infected devices.
https://news.drweb.com/show/?i=14900