cancel
Showing results for 
Search instead for 
Did you mean: 

VirginMedia distributing viruses!

Lil-Squabbit
Up to speed

As the title says.

VirginMedia are now distributing malicious malware/ viruses via their Telly Tablets. The viruses in question are:

  • COM.WAGD.SMARTER
  • COM.WAGD.XIAOAN
  • COM.WAGD.GEM

Apparently, this is due to an infection on one of their update servers which hard codes the malware into the system software. This means that even if you do a hard reset on the device, the malicious products will be reinstalled too.

What are VirginMedia doing about this as I am sure we cant be the only people that are having this issue.

This is worrying that a major broadband supplier is letting these malware/viruses run rampant through their products. Bad form VirginMedia, bad form!

What are you going to do about this? 

...........................................................................................................
Lil-Squabbit is soooooo NOT amused!!!!
193 REPLIES 193

clarkey39
Dialled in

Hi all,

After speaking with @Kev_B friday night, i reset my TT back to factory reset. I then left it for 2 days straight, the only thing i had done was connect to my internet and input my google account. It is still running fine now with no pop ups. 

This morning i have loaded on VLC player and the Virgin Remote Control app to play video from my cloud and from my V6 box. It has been playing movies for about 3 hours straight now........no pop ups.

stats below

clarkey39_0-1620638568013.png

 

will update later..........

 

Unfortunately, mine loops at the login screen after factory reset.

It says "This device has been reset. To continue, sign in with a Google Account that was previously synced to this device"
When I go to verify my Google account, the tablet gives an error. Even though Google has verified the account on my phone.

Now. When you factory reset an android device (and wipe cache), there should be nothing but the blank operating system on the device. No previous accounts. No previous data.

However, on a root integrity check, it's outcome is that one system file has been modified.

My tablet is now rendered useless until I can get past the login screen. Which, by the looks of it, is compromised to point to the rogue account that was put on there

And this is why updates go to beta testing first


@clarkey39 wrote:

Hi all,

After speaking with @Kev_B friday night, i reset my TT back to factory reset. I then left it for 2 days straight, the only thing i had done was connect to my internet and input my google account. It is still running fine now with no pop ups.


Cool. Thanks for the update. Did he ask you to remove your Google account from the tablet before factory resetting? Did you do the factory reset through the settings menu or in the recovery mode?

@SiRowley wrote:

Unfortunately, mine loops at the login screen after factory reset.

It says "This device has been reset. To continue, sign in with a Google Account that was previously synced to this device"
When I go to verify my Google account, the tablet gives an error. Even though Google has verified the account on my phone.

Now. When you factory reset an android device (and wipe cache), there should be nothing but the blank operating system on the device. No previous accounts. No previous data.


Did you remove your Google account before factory resetting? If not, it'll trigger the FRP check. Is it possible you put in an incorrect password on your first attempt to log in? If so, I believe you will have to wait up to 72 hours before it'll let you in. Recently changing or resetting your password can also prevent you from getting in.

The second account on your tablet is very worrying. Hopefully, no harm has been done to your Google account. I've changed all my passwords after noticing the malware, glad I did now.

Hi 

No I didn't remove my account before wiping. Just put the TT into recovery mode and wiped it. 

IMG-20210509-WA0001.jpg

That's weird. Your's is in English, yet If I do the reset on mine, the writing's in Mandarin. I've also managed to get it working properly (minus system updates). Different builds in different countries?

Holding power and volume up (instead of down) shows the English menu. I only realized myself after reading SiRowley's post. 😁

Flashman68
On our wavelength

I'll take note for future reference, for when it happens again! Thanks!

clarkey39
Dialled in

still going................

clarkey39_0-1620722874589.png

 

DM87
Tuning in

I factory reset mine at 2 pm yesterday. I've been using it since. Kept it connected to Wi-Fi and rebooted it a few times too. So far the viruses haven't come back. 🙂