Why You Should Think Twice Before Buying A Cheap Android TV Box
It seems like the cost of entertainment is always rising. Streaming services continue to raise their subscription fees, and the hardware you need to run streaming apps on the big screen is also expensive. To cite just one example, Google discontinued Chromecast in favor of the Google TV Streamer, a considerably more expensive gadget with only a few significant added features. But users looking outside of established solutions for a cheap way to enjoy the latest movies and shows could run into major problems.
Looking across online storefronts like Amazon and Walmart, you'll find numerous listings for cheap Android TV boxes. These are tiny, low-end computers running obsolete versions of rooted Android, housed inside a set-top box with HDMI outputs. Generally sold for between twenty and fifty dollars, many are made by brands you've never heard of and come pre-loaded with custom software and apps. Often, they promise to let users circumvent streaming prices with apps like Kodi that can be connected to remote, private media servers full of movies and TV shows. In other words, they promise to make illegal piracy as easy as plugging in and connecting to Wi-Fi.
Of course, piracy is against the law, and you could end up facing legal consequences for using an Android TV box to stream copyrighted media for free. But even if you purchase a box without any illegally sourced content, the much greater danger could be lurking out of sight. Cheap Android TV boxes have been revealed as a major source of malware, which works behind the scenes to compromise your network and even use your connection to commit crimes. Here's what you need to know to stay safe.
Unknown Android set-top boxes are gateways to movies... and malware
Cheap Android TV boxes may promise affordable access to your favorite movies and shows, but buyer beware. They're well known as targets of malware. In 2023, WIRED reported on a botnet called Badbox, which was found to be installed on a number of Android boxes manufactured in China. A botnet is a network of infected devices that hijack your internet connection to connect with each other and carry out malicious activity as a group, often controlled by a single person or organization. In this case, 20 million devices or more were likely infected across the globe.
The type of crime or fraud carried out through Android TV boxes infected with Badbox can vary. The hacker may sell other criminals access to your home network, making it appear as if their crimes were committed from your IP address. This can lead to victims being blacklisted by their internet providers or even an unexpected visit from law enforcement. Another possibility is code installation or execution, which infects other devices on your network, such as your computer. Victims who aren't tech-savvy may never even notice anything out of the ordinary, since the malware works in the background.
They say everything gets a sequel these days, and in June this year, the FBI warned the public that Badbox 2.0 is on the loose. This time, even devices that come without malware preinstalled may attempt to download it from a sketchy app marketplace. Either the malware downloads in the background when the device is connected to the internet, or it coaxes the user into downloading it from a sketchy app store. So, how can you tell which devices are safe?
How to protect yourself from malware in Android TV boxes
This may seem obvious, but it's best to avoid buying one of these sketchy, off-brand TV boxes in the first place. Some of them might do what their sellers claim, but it's simply not worth the risk. If you're looking for easy access to free movies and TV shows, check out some of the best free streaming apps instead. As for the hardware you run those apps on, sticking to well-established brands like Amazon, Google, or Roku is a safer bet than rolling the dice on the unknown. Google maintains a list of partner companies that sell Play Protect certified devices for the best protection. Additionally, you should avoid secondhand TV boxes, regardless of the brand. You may not find out whether they've been tampered with until it's too late. If you already own a budget Android TV box that doesn't have malware, the FBI cautions against installing apps from unknown sources, especially from app stores that advertise pirated content.
Ultimately, some blame lies with marketplaces as well. During the course of reporting this article, we found multiple suspicious listings simply by typing "TV box" into the search bar on Amazon or Walmart. It's a bit like selling poisonous mushrooms alongside shiitakes at the grocery store. These listings are riddled with red flags, including nonsensical grammar that hints at pirated content, and some are among the devices security researchers have identified as dangerous. We even found a Prime listing for the T95, which was the first box found to carry Badbox malware. Two years after Amazon was called out by the EFF for selling it, that dangerous box now has a 4-star rating with free overnight delivery.