Reverse engineering Android malware from popular Chinese projectors
zanestjohn.com
Wow this is pretty insane, the whole supply chain of these things might look similar to the practices described in this article: https://www.chinatalk.media/p/how-to-buy-cheap-claude-tokens...
HN discussion: https://news.ycombinator.com/item?id=48165492
Like many people, I've always been vaguely suspicious of IoT devices like these. But I've never seen it reverse engineered to show what they actually do. The conclusion goes way beyond my expectations and is rather chilling:
>My $35 projector wasn't just spying on me. It was selling my network. Anyone who paid Kookeey for proxy access could route their traffic through my IP
Now that's just kooky! Sorry, I had to.
I'm immediately suspicious of cheap Chinese crap like this.
$35 for a projector should cause you to raise at least one eyebrow.
Also, as always with "IoT" type devices, they're best kept in an isolated VLAN with no internet access.
This would typically not be referred to as a "remote access trojan". It's just an updater, or perhaps a dropper if you want to make it sound more scary.
This is the first time I've read an AI-heavy piece and stayed engaged with it all the way through. I think the author's sharing the prompts was key to that experience.
As it should be!
We need supply chain protections for the regular consumer now.
Best the FCC is going to do is a misguided blanket “China bad!” router ban because Elise Stefanik got a little lobbying birdie in her ear from a certain American drone manufacturer.
Back at my old job we would get regular text messages and emails from the Chinese government when a piece of software or plugin in our public web stack had a new CVE or malware…
100% governments need to crack down on these manufacturers and basically say that if China does not stop this insanity then importing them into the US or EU will become illegal, since it's a national and personal security risk.
Not going to happen. Governments are very complacent. The UK only recently banned Chinese IP CCTV cameras from sensitive government sites!
It's impossible to do with anything that gets updates. You never know what the next update will bring. Obviously things that connect to the internet and do not get updates are hopelessly insecure. It's also pointless for anything controlled by an app through a server (anything from cars to fridges these days), as you cannot control what the server does.
Governments will also find excuses not to do this, as it's expensive and inflationary. They will play down the risk, point out that the Americans can do it too, etc.