Can An Amazon TV Fire Stick Be Hacked?

Can someone really hack a Firestick? Is this modest device really worth hacking in the first place? There have been rumors and reports about the Amazon TV Fire Stick being hacked for over a year with some instances still being reported twelve months after the initial hack was announced. So what’s the deal? Is the Amazon TV Fire Stick still being hacked?


Streaming

The initial story broke last year when reports said that a botnet was slowly taking over some Amazon TV Fire Sticks. Those that had Kodi installed on them made themselves vulnerable to a crypto miner hack called ADB.Miner. The hack didn’t want access to your account or credit card, it wanted to use your Firestick as a crypto currency miner.

It’s important to know that if you have not jailbroken your Amazon TV Fire Stick, it is not susceptible to this hack. Only if you have installed Kodi or otherwise jailbroken your Amazon Firestick are you vulnerable.

This all seemed a little desperate at the time. The Amazon TV Fire Stick doesn’t have anything like the power of the average graphics card or crypto miner PC but they were being taken over by the botnet. Every little helps I guess.

Amazon TV Fire Stick hacking

The vanilla Amazon TV Fire Stick is fairly secure. However, when you install Kodi, you have to disable the basic protections that come with it. It is this process that lets ADB.Miner in.

For Kodi to install, you need to enable Android Debug Bridge (ADB). As part of the bridge, the app opens port 5555 so it can feed back to Android about what’s going on. This port remains open even when you’re not using your Firestick. It is this port that is leaving the Amazon TV Fire Stick vulnerable.

Anyone with a laptop with port scanning software and the skill to use it can theoretically scan for open ports on any device and take a look see. Usually, the Firestick will not leave ports open but ADB leaves port 5555 open which is susceptible to scanning and therefore, to ADB.Miner.

You can see the scale of the problem over at Shodan. Type ‘Android Debug Bridge’ into the search box at the top to see just how many devices are exposed in what parts of the world. At the time of writing, over 10,000 Firesticks where currently running with port 5555 open!

If you want to see just how easy it is to find a vulnerable Firestick, this page on Hackaday walks you through the entire process. It is disturbingly simple.

Secure your Firestick from hacking

Fortunately, making your Firestick more secure is just a matter of disabling ADB again. Then the port is closed and hackers will have to work much harder to get into your hardware.

  1. Power up your Firestick and log in if required.
  2. Select Settings and Device.
  3. Select Developer Options.
  4. Select ADB Debugging and disable it.

That’s all you need to do to make your Amazon TV Fire Stick more secure.

Arguably, if you’re running your Firestick at home behind a firewall and have decent network security, you’re not that vulnerable. It’s still a vulnerability though and ADB Debugging isn’t something the average user needs enabled on their device.

You can install Kodi or jailbreak your Firestick and run it happily. Just turn ADB off again once you’re finished.

ADB Debugging

ADB Debugging is a part of Android, not of the Firestick. So theoretically, any device that has it enabled is potentially vulnerable. That could be your phone, Chromebook, Android Play in your car and any other device you may have that runs Android. It’s definitely something worth checking for.

That said, to enable ADB Debugging on an Android phone, you need to be able to find the setting before you can use it. The Firestick makes it very easy to jailbreak it but on phones and other devices it is much more difficult. You have to dig into the Android settings menu on your phone, then tap a setting seven times to enable Developer Mode, then go back into the menu to enable ADB Debugging.

An Amazon TV Fire Stick can be hacked and can be used as a cryptocurrency miner. It’s not a massive risk if you’re within a secure network but it’s an extra vulnerability nobody wants to leave open. If you have jailbroken your Firestick and are enjoying Kodi, just take a minute to disable ADB Debugging. It will save your Firestick being used to make someone a little money and ensure all its hardware can be dedicated to doing what it does best, providing a fantastic viewing experience!