Top YouTube app for Android TV compromised to serve malware - here's what we know, and how to stay safe

(Image credit: SmartTube)

A malicious library slipped into SmartTube updates without users noticing anything unusual
Play Protect warnings led the community to investigate the suspicious build
The hidden file maintained remote communication channels, alarming users

SmartTube, a widely used YouTube client for Android TV, recently faced a serious compromise after an attacker gained access to the developer’s signing keys.

This breach allowed a malicious update to reach users without any warning, adding a secret native library known as libalphasdk.so [VirusTotal].

Assessment of version 30.51 shows that the hidden library does not appear in the open-source codebase.

This devious malware has jumped from Meta over to Google Ads and YouTube to spread - here's how to stay safe

This devious Android malware spoofs WhatsApp, TikTok and more - here's how to stay safe

Watch out, these malicious Android apps have been downloaded 42 million times - and could leave ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE

Share: