Can your smart TV catch a Virus?
No, not right now....but...
A Twitter post by Samsung became fodder for the internet outrage machine by suggesting that users should periodically run a virus scan on their smart TVs.
“Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks,” Samsung’s support account wrote, following up with a video tutorial on how to launch the McAfee virus scanner built into its latest smart TVs.
Samsung deleted the offending advice soon after, perhaps because it realized the absurdity of encouraging people to treat their TVs like Windows PCs from the 1990s. Still, the damage was done. The company was promptly mocked in articles, snarky tweets, and forum posts, many of which also sneered at smart TVs in general. Ahh, they said, if only our TVs were dumb, we wouldn’t have this problem.
Missing from all the melodrama, however, was any evidence of smart TVs actually being infected by viruses or malware, probably because the odds of this happening are almost nil. Smart TVs are not inherently more dangerous than dumb TVs connected to external streaming devices, and while pre-loading anti-virus software is a bad look for Samsung, it doesn’t mean using a smart TV is a bad idea.
In search of smart TV malware
After reading Samsung’s anti-virus advice and the resulting fallout, I was curious to see whether anyone had reported getting a virus or malware on their smart TV—Samsung or otherwise—in the real world. I searched Google for examples of people reporting viruses, then looked through forums like Reddit and AVForums. Here’s what I came up with:
In 2015, someone infected their Samsung TV by plugging in a thumb drive that already had malware on it.
Also in 2015, a security researcher willingly infected an unnamed Android-based TV, using an attack that required access to his home network.
In early 2016, a Reddit user claimed that their sister’s LG TV was attacked by malware while browsing the web. (SecureList replicated the issue, but found that closing the browser window prevented anything bad from happening.)
In December 2016, a Twitter user reported ransomware on his family member’s four-year-old LG TV, which was running the long-defunct Google TV operating system. (A factory reset eventually solved the problem.)
The common thread here, aside from all these incidents being at least a few years old, is that they all involve unusual behavior. If you’re using a smart TV to access streaming services like Netflix and Hulu from an app store, catching a virus is extremely unlikely. (In fact, the one clear-cut case of malware on streaming devices that I found was not strictly on smart TVs, but on Amazon Fire TV devices with sideloaded apps.) The only reasonable takeaway here is that you should avoid downloading apps from untrustworthy sources, or using your TV’s web browser to visit sketchy websites—advice that applies to pretty much any computing device.
And while it’s true that researchers found vulnerabilities in Samsung’s software a couple years ago, the company has responded with patches and new security measures, just like any other company would when presented with security flaws. In the meantime, we haven’t seen any evidence of those exploits turning up the wild.
So why does Samsung have a McAfee virus scanner on its TVs in the first place? It seems to be part of a broader agreement between the two companies, in which McAfee also preloads its software on Samsung phones and PCs. In these deals, McAfee presumably pays for the privilege, so it can upsell antivirus subscriptions and possibly turn usage data into targeted ads. The good news is that as with any app, McAfee’s smart TV software can also be uninstalled.