People watching TV with an Amazon Fire Stick have been warned about a secret app trying to steal their data. The sticks are popular across the UK as a simple way of watching a host of TV channels.
However, some spyware masquerading as a health app has been found on the Amazon Appstore and it has lead to a warning to Amazon Fire users. They have been urged not to download an app named ‘BMI Calculation Vsn’, which is designed to pilfer data.
The rogue app was unearthed by researchers at McAfee Labs who promptly alerted Amazon. Although the spyware has been removed from the store, those who have already installed it will need to delete it manually and run a full scan to ensure their device is clean.
Read more:
The app requests permission to “start recording or casting”, with options to “cancel or start now”. It also displays a lengthy text that states: “BMI Calculation will have access to all of the information that is visible on your screen or played from your device while recording or casting. This includes information such as passwords, payment details, photos, messages and audio that you play.”
The app first appeared on October 8, but by month’s end, its icon, certificate information and functions had been altered.
The spyware can also access SMS messages sent and stored on the device – including one-time passwords. The Amazon Appstore, a third-party platform for Android devices, comes pre-installed on Amazon Fire tablets and Fire TV.
It also provides Amazon Prime games and content and serves as an alternative to Google Play. The BMI Calculation Vsn app, published by ‘PT Visionet Data Internasional’, was marketed as a tool for users to calculate their body mass index (BMI).
Users of illegally modified Fire Sticks used to stream premium TV have been warned they could be hacked by spies. There has been a significant crackdown on illegal streaming of Sky channels and Premier League games over the past year by the police.
Last month, a massive operation across several European countries led to the shutdown of a network used by 22 million people. Five UK addresses were raided as part of the anti-piracy effort.
As a result, one hundred domains have been taken offline. It’s worth noting that illegal streaming platforms often have connections to organised crime.