Uhale Android Digital Picture Frames Exposed to Malware Vulnerabilities

Critical security vulnerabilities have been found in Uhale Android-based digital picture frames, with some devices downloading and executing malware at boot time. A recent security assessment by mobile security company Quokka revealed behavior suggesting a connection with the Mezmess and Vo1d malware families.

The researchers discovered that many of the investigated frames download malicious payloads from China-based servers as soon as they boot: after updating to version 4.2.0, the Uhale app initiates the download and execution of malware. The devices in question had compromised security modules and default root access, making them vulnerable to attacks.

In addition to the malware delivery issue, Quokka found more than a dozen vulnerabilities, including insecure TrustManager implementations, command injection, and unauthenticated file uploads. These security gaps pose significant risks to users’ devices and personal data.

The Uhale app has over 500,000 downloads on Google Play and numerous user reviews, but it is unclear how many Uhale-branded photo frames are affected by these vulnerabilities. Experts recommend that consumers only buy electronic devices from reputable brands with official Android images and built-in malware protections.

The lack of response from ZEASN (now ‘Whale TV’) regarding the security issues is concerning, and users are advised to be cautious when using these devices until further notice.

Source: https://www.bleepingcomputer.com/news/security/popular-android-based-photo-frames-download-malware-on-boot