Home Your Tech Internet of Things FLocker can infect Android OS TVs
FLocker can infect Android OS TVs Featured

FLocker – Frantic Locker – appeared in May 2015. Over 7000 varieties have evolved, and it has jumped to Android OS for smart TVs which is used by Sony, Sharp, Philips and more.

But most of you won’t have to worry unless you use the TV to read email, SMS, or surf the Internet – straight use as a dumb TV should be fine. There is some question about installing apps from non-authorised app stores but as far as I can ascertain major brands lock that up pretty tightly.

The interesting thing is that when it detects Android TV, it simply locks the screen – making the TV useless until a ransom is paid. It can also steal data from the device. It portends the beginning of ransomware for any IoT device.

Trend Micro said the latest batch of 1200 variants came in April and masquerades as the Cyber Police or another law enforcement agency. It accuses potential victims of crimes they didn’t commit. Then, it demands US$200 worth of iTunes gift cards.

When launched for the first time, FLocker checks if the device is located in Eastern European counties: Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia, and Belarus. If so it deactivates itself.

If FLocker reaches a compatible target, it waits for 30 minutes after infecting the unit before it runs the routine. After the short waiting period, it starts the background service which requests device admin privileges immediately. This bypasses Android’s dynamic sandbox. If the user denies this request, it will freeze the screen faking a system update.

Norton by Symantec has also warned of FLocker in the wild. Ironically it was one of the first companies last year to warn of ransomware for smart TVs. It is an interesting read as it also covers things like unsigned firmware updates and how a smart TV could be hijacked to become part of a Botnet or cryptocurrency mining operation.

While the initial version is "defeatable" via a computer with the Android developer tools using the ADB command to kill the process and revoke its administrator access, very few have that expertise. There is some talk of a hardware (not a software menu) factory reset, but depending on set that may not be possible. Smart TV manufacturers can tell you which combination of buttons to press at power on.

Dave Jevans, Vice President Mobile Security at Proofpoint, has provided some insights into this threat and user tips:

“The biggest risk will be on mobile devices where users surf the Internet or receive SMS messages that can spread malicious apps. Typically SMS messages are not enabled on TV sets running Android.  It could be possible to get infected by visiting an infected malicious website on your Android TV," he said.

Consumers can protect themselves by:

  •  not accepting apps for installation that are sent by SMS messages
  •  being very wary of accepting apps for installation from web pages and not an App store
  •  be very wary when apps request for increased access privileges
  •  be extremely wary or do not install apps on Android that have permissions such as:

Enterprises can protect employees mobile devices by deploying an App Reputation and Security service in conjunction with their Mobile Device Management service.


With 50+ Speakers, 300+ senior data and analytics executives, over 3 exciting days you will indulge in all things data and analytics before leaving with strategic takeaways that will catapult you ahead on your journey

· CDAO Sydney is designed to bring together senior executives in data and analytics from progressive organisations
· Improve operations and services
· Future proof your organisation in this rapidly changing technological landscape
· CDAO Sydney 2-4 April 2019
· Don’t miss out! Register Today!
· Want to find out more? Download the Agenda



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!


Popular News




Sponsored News