Amazon Fire TV security patch stops crypto-miners from hacking your set-top box

News
By published

Software update 5.2.6.6 is crucial for all Fire TVs made before 2017

Earlier this year, older Amazon Fire TV models were overtaken by a malicious worm that spread from between devices using the set-top box's ADB (Android Debug Bridge) connection. Today, Amazon has released a patch that will plug the hole in the vulnerability and stop the infection in its tracks.

The software update – version 5.2.6.6 – is now available for Amazon Fire TV, Amazon Fire TV Stick and Amazon Fire TV Edition televisions, and it'll disable ADB by default. It'll also prompt users every time a device wants to install a new piece of software on their device. In the past, once you approved one ADB connection, any device could then connect to your Fire TV and install some code without asking. 

The offending exploit from February helped spread a pretty vicious malware worm called ADB.miner and the unchecked vulnerability of Amazon Fire TVs was used to mine cryptocurrency. This caused massive slow downs on infected devices, leading to long install times and abrupt crashing in the middle of streamed content.

The silver lining in all this is that newer devices, like the Amazon Fire TV Cube and latest version of the Amazon Fire TV, weren’t impacted by the malware as the protocol of asking before installing any software was built in from the start. 

So why have ADB in the first place?

This all raises the question: If ADB is such a vulnerability, why even allow it to exist on Amazon Fire TV devices? 

The answer is that ADB gives users some customizability options for their Fire TV – allowing you to install apps that aren't available on Amazon's limited Fire TV store (called sideloading). 

Sideloading is most often used by the KODI/XMBC crowd to install the app on the Fire TV, creating an even more robust streaming device that can stream local video content as well as content from traditional sources like Netflix and Amazon Video. 

Now that the ADB vulnerability is fixed, you'll be prompted before any additional software is installed on the device, quashing bugs like ADB.miner in its tracks.

Source: AFTVnews

See more Television News
TOPICS
Nick Pino
Nick Pino

Nick Pino is Managing Editor, TV and AV for TechRadar's sister site, Tom's Guide. Previously, he was the Senior Editor of Home Entertainment at TechRadar, covering TVs, headphones, speakers, video games, VR and streaming devices. He's also written for GamesRadar+, Official Xbox Magazine, PC Gamer and other outlets over the last decade, and he has a degree in computer science he's not using if anyone wants it.

Latest in Streaming Devices
Amazon Fire TV Stick
Amazon's Fire TV Stick 4K is back down to 40% off – give your older 4K TV a cheap smart upgrade
Google Chromecast 2
Google rolls out another Chromecast bug fix for users who factory-reset their devices
Google Chromecast 2
Google is finally rolling out a fix for broken Chromecasts – just as new bugs appear on the Chromecast with Google TV
Best Google Chromecast Apps
Following recent problems, Chromecasts are getting a free update to Android 14 – here's what that means
Google Chromecast 2
Chromecasts are still broken – but Google tells fuming owners not to factory reset their devices
Google Chromecast 2
Chromecast users are getting increasingly angry about a weird 'untrusted device' bug that blocks casting – but a fix is coming
Latest in News
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring
More about streaming devices
Amazon Fire TV Stick

Amazon's Fire TV Stick 4K is back down to 40% off – give your older 4K TV a cheap smart upgrade
Google Chromecast 2

Google rolls out another Chromecast bug fix for users who factory-reset their devices
Nimo N172 laptop

This obscure laptop brand sells a 64GB AMD Ryzen 9 laptop for just over $700 which is faster than the Apple's M4 CPU
See more latest
Most Popular
Nimo N172 laptop
This obscure laptop brand sells a 64GB AMD Ryzen 9 laptop for just over $700 which is faster than the Apple's M4 CPU
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Student with headphones around her neck using a phone while sitting in a cafe in front of a laptop
One of the richest men in the world castigates the billions of dollars spent on buying laptops for US classrooms with no apparent improvements
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring
Tesla Model Y 2025
Tesla’s EU sales are in freefall as VW races ahead, but the Model Y could change all that
Asus NUC 15 Pro+
Asus unveils its most powerful mini PC to date — but I don't think the Intel-powered NUC 15 Pro+ will compete with Strix Halo models
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event