The Republic’s cybersecurity watchdog and the police have warned against using non-certified streaming devices as these may contain malware that can compromise users’ home networks and personal information.

In a press release yesterday, the authorities said that these devices, known as Android TV boxes, can be plugged directly to the TV to allow users to watch streamed content on their TV screens.

They said there are various types of Android TV boxes. Certified Android TV boxes will support official licensed applications such as Netflix and Disney+.

However, non-certified devices often support illegal streaming sites or distribute malicious applications.

Users who visit illegal streaming sites or download unofficial applications through their non- certified TV boxes may be exposed to malware that can compromise their home networks and perso­nal information.

The malware works by infec­ting the users’ devices with malicious applications, turning it into part of a botnet – a network of compromised computers used to carry out cyberattacks such as Distributed Denial-of-Service (DDoS) attacks and spam campaigns.

DDoS attackers make websites unavailable to legitimate users by flooding the sites with queries.

The malware also commonly steals users’ personal data and users’ Internet Protocol (IP) addresses to commit crimes.

These include phishing campaigns, spam e-mail distribution, ad fraud and online scams.

Users affected by such malware may notice slow device performance, unusual account beha­viour, persistent pop-ups, suspicious programmes, and system instability on their devices.

The authorities advised users to use official streaming ser­vi­ces or purchase certified streaming devices from reputable brands.

They can also buy products from reputable manufacturers that are more likely to produce devices that are secure, while considering industry standards and best practices for Internet of Things.

What to do if your device is infected by malware:

If users suspect that their streaming devices are infected by malware, they should disconnect the device from the Internet immediately.

They should run a security scan, uninstall any suspicious third-party apps and check their bank, SingPass and CPF accounts for any unauthorised transactions.

If malware is detected on their device or there are unauthorised transactions, users should report it to the bank, relevant authorities and lodge a police report immediately.

They should not perform a factory reset before reporting the incident to the police as this could hinder investigations.

Should they believe their accounts have been compromised, they should change their password immediately and enable a multi-factor authentication to secure their accounts.

They can also report the incident to relevant authorities, lodge a police report or report it to SingCERT. — The Straits Times/ANN