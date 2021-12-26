The National Telecommunications Agency (Anatel) discovered the presence of a spy program on pirated TV box devices (the famous “gatonets”) capable of stealing user data. The TV Box HTV device is highlighted, considered the most sold in the illegal market as it is the most seized in inspection and combating piracy operations.

The studies carried out by the agency were based on reverse engineering of unapproved TV box devices, that is, pirated. Conducted by Anatel, the work had the collaboration of technicians from the National Cinema Agency (Ancine) and the Brazilian Pay Television Association (ABTA).

According to Anatel, the malicious software is capable of allowing criminals to take control of the TV box to capture a variety of user information. Among this data are financial records or files and photos that are stored on devices that share the same network.

The studies carried out by the agency also showed that, during the normal operation of the TV box, malware was updated via botnet, with a command server being able to remotely operate the applications installed on the device and perform denial of service (DoS) attacks against another networked system.

Depending on the infrastructure, criminals could simultaneously take control of several of these TV box devices, which would enable distributed denial of service (DDoS) attacks, with the potential to harm public and private institutions that use telecommunications networks, bringing down websites and performing other types of harmful operation.

To carry out tests under conditions similar to those of the common consumer of these pirated devices, Anatel used “gatonets” available in popular commerce centers and in marketplaces. In addition, the agency had the support of forensic experts, using a residential infrastructure consistent with that of the end user.

Devices need Anatel approval

The tests will continue to be carried out, covering other TV box models, the technical report of the reverse engineering studies on the devices can be accessed here. Anatel informs that telecommunications equipment needs approval from the agency to be sold and used in Brazil.

“The conformity assessment and approval process seeks to guarantee minimum quality and safety standards. Devices not approved for receiving cable TV signals or video on demand can access content protected by copyright, which is a crime”, says the note.

Illegal box TV sets adapt televisions to play streaming content and, to a large extent, also allow users to illegally access pay TV channels. Along with the Action Plan to Combat Piracy (PACP), created in 2018 by Anatel, just in the last two years, around 1.1 million TV box sets that were not approved have already been withdrawn from the market.

