SECURITY NEWS – Last week, I wrote an article about some brands/models of mini PCs selling with pre-installed malware. As a result of that article, two mini PCs that we reviewed here on The Gadgeteer were found to have malware installed. That prompted a new rule for the team to do malware scans for any mini PCs, laptops, and desktop PCs that we review and add the results of those scans in the review itself.
Now, another security issue has come to light; this time, it is with Android devices like Android phones, tablets, TV boxes, etc. One of our readers commented on a recent Android TV review with a link to an article from Tom’s Guide where malware was found on some Android TV boxes due to the fact that the devices were not Google Play Protect certified. The article linked to a page on Google talking about why this certification is important. You can read about it here. But the TL:DR version of the article is that when Android devices are not Google Play Protect certified, they may not be secure. The article goes on to provide the simple steps necessary to test if a device is certified. Even more info can be found on this page at Android.com
So, just like mini PCs, we’ve also reviewed quite a few 3rd party Android devices, so once again, I sent an email to the team asking them to check their recently reviewed Android devices to see if they are Play Protect certified and many weren’t.
We found one Android device that was exhibiting dangerous behavior!
During our testing, we actually found one device that went beyond not being certified but was actually exhibiting some concerning behavior that was flagged as such his Netgear Orbi 960 wireless router. The device is the Mecool KM7 Plus Android TV box. Julian had it hooked up to a TV, but it wasn’t powered on. When he powered it on, the following alerts immediately showed up on his phone from his router:
A quick Google of the logic-loom.net website gave me this info:
Another search/scan of the other website gave me this:
You might be wondering what this type of behavior can do. Why does a device visiting a website even matter? I’ll admit that I used to think that way. The problem is that these sites can potentially data mine your account information for various apps and use your user ID and login info to back door into services to get your payment info and potentially use that info to steal your identity, among other things.
I want to make it clear that just because an Android device is not Google Play Protect certified, that does not mean that it actually has malware installed or that it will try to steal your info. This information is provided so that you can do your due diligence to keep your information safe.
Devices we have reviewed that aren’t Play Protect certified:
Boox Tab Ultra C Pro – ePaper tablet
Boox Tab mini C – ePaper tablet
Boox Page – eReader
MECOOL KM7 – Android TV box
Devices we have reviewed that are Play Protect certified:
I want to say once again that just because a device isn’t Google Play Protect certified, it doesn’t mean that the device will have malware installed on it. But, I thought it would be for everyone’s benefit to include testing in our future Android device reviews to let buyers know one way or another about an Android device’s Play Protect certification status.