As streaming soars and TV cords are cut, Android TV boxes are becoming increasingly popular for their cost-effectiveness and versatility. However, a troubling discovery has been made: some popular devices are riddled with malware, potentially facilitating coordinated cyberattacks.
In response to this unsettling revelation, Google, which is behind the Android TV operating system, has recently issued new guidance. This essential guide aims to help users safeguard their devices, emphasising the importance of Play Protect certification – and how to make sure your device is indeed protected.
This all started when researchers recently discovered that certain Android TV boxes sold on Amazon were infected with malware, turning these entertainment hubs into potential tools for cyber crimes.
In light of these unsettling findings, Google has officially addressed the issue this week with a community post, where the company emphasises its commitment to user security and privacy.
Google stressed that they work closely with official partners to meet strict security and privacy standards, and that these devices undergo rigorous testing to ensure their safety.
Official Android TV OS devices come with Play Protect certification, which means they have Google’s inbuilt malware protection to safeguard your device, apps, and data (see below on how to check whether your box is protected).
The Android TV Malware Menace
Android TV boxes from a couple of China-based companies have been the focus of scrutiny. These devices, which boasted four-out-of-five star ratings on Amazon in the US, have recently been found to harbour malware.
The malware, once activated, connects these devices to a large network (botnet) of other compromised Android TV boxes, effectively turning them into potential weapons for cyberattacks – or simply to make money for unknown individuals.
The malware’s primary function is to act as a ‘clickbot.’ This is a type of program that secretly clicks on digital advertisements without the user’s knowledge. The purpose of these clicks is to earn fraudulent ad revenue.
This process starts as soon as an infected Android TV box is switched on. After activation, the malware reaches out to a control server – essentially the ‘brain’ that governs what the malware does.
The server then sends back further instructions and additional harmful software to the TV box, guiding it to perform various malicious actions.
Android TV VS Android Open Source
One of the confusing aspects of Android TV, is the difference between official Android TV streaming devices – and those that come with a custom version of the “Android Open Source” project.
“Android TV” and the “Android Open Source Project” (AOSP) are two different offerings from Google, each with distinct characteristics and use cases.
Android TV is a specialized version of Android, designed specifically for TVs. It is an official operating system from Google, and it offers a streamlined user interface for television content.
Android TV includes standard Google apps like Google Play, YouTube, and Google Assistant, and it is designed to work seamlessly with a specific set of manufacturers’ hardware.
Android TV also supports a wide variety of apps and services specifically optimized for TV viewing through the Google Play Store. And, in the UK, supported devices also include Freeview Play.
On the other hand, the Android Open Source Project (AOSP) is the open-source version of Android. This means that anyone can access the source code, modify it, and build their own Android system – which is what some manufacturers use for their bespoke streaming devices.
AOSP does not include Google services or apps out of the box, which means that devices built on AOSP might not have access to the Google Play Store or other Google apps, unless they are added separately, often without official licensing or approval from Google.
While AOSP provides the flexibility for customization, it also presents potential security and compatibility issues if not properly managed or maintained.
Verify Your Android TV Device’s Security
Google’s recent community post provides crucial guidance on how to verify the security of your Android TV box.
The post explains that some TV boxes built with the Android Open Source Project may be marketed to appear as Android TV OS devices, some even with Google apps and the Play Store that are not licensed by Google.
These devices are not Play Protect certified.
To confirm whether a device is built with Android TV OS and is Play Protect certified, Google provides an up-to-date list of partners (see below). Users are encouraged to check if their device is Play Protect certified.
If a device isn’t certified, Google recommends contacting the device manufacturer and asking for a fully tested, Play Protect certified device.
How To Check Your Android TV’s Play Protect Certification Status
It’s crucial to ensure that your Android TV box has a Play Protect certification. This certification is a kind of seal of approval from Google.
It indicates that the device contains official apps from Google, which are licensed, and has passed specific tests to check its compatibility with Android.
Only devices with this Play Protect certification are allowed to have Google’s official apps like YouTube or the Google Play Store app.
In other words – while nothing is ever 100% safe – certified Android TV devices are considerably safer, and should be devoid of malware.
Here’s how you can check your Play Protect certification status:
- Open the Google Play Store app on your device.
- At the top right, tap the profile icon.
- Tap ‘Play Protect.’
- Under “Play Protect certification,” you can find out if your device is Play Protect certified.
What If My Android TV Box Isn’t Certified?
If your device isn’t Play Protect certified, Google doesn’t have a record of the Android compatibility test results. This has several implications, according to Google:
- Streaming devices that aren’t Play Protect certified may not be secure.
- Devices that aren’t Play Protect certified may not get Android system updates or app updates.
- Google apps on devices that aren’t Play Protect certified aren’t licensed and may not be real Google apps.
- Apps and features on devices that aren’t Play Protect certified may not work correctly.
- Data on devices that aren’t Play Protect certified may not back up securely.
Google Certified Android TV Devices In The UK
The easiest way to make sure you’re buying an Android TV-based streaming device / Smart TV with Play Protect certification in the UK, is to buy it from one of Google’s official partners.
Of course, there’s also Google’s own Chromecast with Google TV – which includes a somewhat different version of the OS – ‘Google TV’.
You can always find the updated list here, but as of this writing, it includes devices from:
To get more news and guides about streaming TV – don’t forget to Subscribe to our free newsletter.