I don't know which brand it is, but there *is* some brand of Android TV that exposes the adb interface directly to the Internet. In practice, this means that just by knowing the IP address of the device, you can log into it from anywhere in the world - and log in as root and no password!
There is, of course, a worm/botnet that exploits this. I'm tracking these attacks with my ADB honeypot:
https://pandora.nlcv.bas.bg/grafana/d/6Fh36QEmk/adbhoneypot?orgId=1
VessOnSecurity
npub1gx…7tun6
2025-11-24 20:09:54 UTC
in reply to nevent1q…drj7
Author Public Key
npub1gxa39sc7wtpmatdx9rkplkplaquyug2vfhk23dl54slsnmuzf45sh7tun6Seen on
wss://relay.momostr.pinkPublished at
2025-11-24 20:09:54 UTCEvent JSON
{
"id": "d8e303e6ae2da464fd38a31914d5ff619762da8d96103fc88fc108b5347265a9",
"pubkey": "41bb12c31e72c3beada628ec1fd83fe8384e214c4deca8b7f4ac3f09ef824d69",
"created_at": 1764014994,
"kind": 1,
"tags": [
[
"e",
"da3b81762eaa433f63ce4cc0fae55eb203acaedc2038d0d201aab73b92e6b1cd",
"",
"root",
"662250ce4d037de109a64a6a0230f7899f922b76346388b3e7ca06fe9490358d"
],
[
"p",
"662250ce4d037de109a64a6a0230f7899f922b76346388b3e7ca06fe9490358d"
],
[
"proxy",
"https://infosec.exchange/@bontchev/115606486649283706",
"web"
],
[
"proxy",
"https://infosec.exchange/users/bontchev/statuses/115606486649283706",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/bontchev/statuses/115606486649283706",
"pink.momostr"
],
[
"-"
]
],
"content": "I don't know which brand it is, but there *is* some brand of Android TV that exposes the adb interface directly to the Internet. In practice, this means that just by knowing the IP address of the device, you can log into it from anywhere in the world - and log in as root and no password!\n\nThere is, of course, a worm/botnet that exploits this. I'm tracking these attacks with my ADB honeypot:\n\nhttps://pandora.nlcv.bas.bg/grafana/d/6Fh36QEmk/adbhoneypot?orgId=1",
"sig": "89a4776bc270ed8b340fd05e38232652fb35e39a2a58871e2d8364bc826b9517c999dce374940d0f01fafb66999d9a5c1ebc3f2bc3b402d667065d0aa86814a6"
}