Security researchers are warning about a sprawling Android-based botnet called Popa that can force millions of consumer TV boxes to relay internet traffic tied to ad fraud, account takeovers, and mass data scraping. This botnet can register a device, keep encrypted connections open, and route traffic through that device when needed, making it appear as though the traffic is coming from an ordinary household instead of a suspicious server farm.
What This Means for Homeowners
The concern goes beyond one shady app or one off-brand gadget, pointing to a bigger problem sitting in living rooms across the country. If a device or app can route someone else’s traffic through your home connection, you need to know before you plug it in. This problem goes beyond cheap Android TV boxes, with research from Spur finding that some smart TV apps can include hidden tools that share your home internet connection with outside companies.
To protect your home network, be careful with any streaming device that promises free access to paid content. Watch for Android boxes advertised as ‘unlocked,’ ‘fully loaded,’ or loaded with premium channels. The FBI lists several warning signs, including devices that require Google Play Protect to be disabled, apps from suspicious marketplaces, generic streaming boxes from unknown brands, Android devices that lack Play Protect certification, and unexplained internet traffic.
Stick with trusted streaming platforms and certified devices from known brands. Unplug any no-name Android TV box, unlocked streaming device, or gadget that required you to disable Google Play Protect. Then, remove it from your router’s connected-device list. If unknown devices appear on your router, change your Wi-Fi password. After that, reconnect only the devices you recognize.
Install apps only from official stores on your smart TV, Fire TV, Apple TV, Roku, or Android TV device. Avoid sideloading, which means installing apps from outside the official app store, unless you fully trust the source. Keep your router, smart TV, streaming stick, and other connected devices updated. Firmware updates often fix security holes that attackers love to exploit.
Original reporting: Fox News (HLL/CB) — read the source article.