Menu
Reply
Graham_A
  • 16.16K
  • 2.26K
  • 6.9K
Very Insightful Person
Very Insightful Person
1,013 Views
Message 91 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

See messages 41 and 42 in this thread.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Tigratone
  • 36
  • 0
  • 24
On our wavelength
973 Views
Message 92 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

The only updates we have had is virgin saying we will update you when we have a update!!!

Come on virgin let's hear something even if it is an acknowledgement that there is a problem,!

0 Kudos
Reply
Lil-Squabbit
  • 110
  • 2
  • 31
Up to speed
954 Views
Message 93 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

Hello. I received this response from virginsupport@exertis.co.uk, which is the company that supplies the tablets to virgin media.

Good afternoon,

Thanks for your e-mail regarding the Malware issue affecting your Virgin Telly Tablet.

We are now aware of this as being a fairly widespread issue and unfortunately, we have not been able come up with another solution as yet to how this may be resolved.

We are liaising with Virgin Media in regard to the problem and are currently documenting any reported incidents so we can hopefully better understand the problem.

Hope this sheds a little light on the situation but unfortunately it's not a solution 😭

Naomi 💋

...........................................................................................................
Lil-Squabbit is soooooo NOT amused!!!!
Sololobo
  • 4.54K
  • 305
  • 1.53K
Community elder
925 Views
Message 94 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!


@Graham_A wrote:

See messages 41 and 42 in this thread.


Thanks for the pointer.

I missed post 41 and it's duplication in post 42 altogether. I have to admit that I was looking for something more.




It's What I Do.
I Drink and I
Remember Things.

Only mark a post as helpful if your issue has been resolved.
0 Kudos
Reply
Anonymous
Not applicable
904 Views
Message 95 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

might push this to one of the security forums I'm part of. Its an interesting story 🙂
We are always told to keep devices up to date. But its not the first time that a u[date server has been compermised
clarkey39
  • 63
  • 0
  • 9
On our wavelength
794 Views
Message 96 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

Christ I moaned for ages about my telly tubby not being updated to android 7......wish it was still on 6.1 now 😆

KT6
  • 3
  • 0
  • 9
Tuning in
698 Views
Message 97 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

Dear Forum members and fellow Virgin Telly Tablet owners.

I understand from reading this thread that many of you are concerned by the erratic behaviour being exhibited by your Virgin Telly Tablet with cases starting up to a few weeks ago.

There are mixed conceptions about what appears to be going on with these tablets and everyone seems to be blaming their device and rendering them useless.

To summarise my understanding of the issue is that the tablets are preloaded with a System update app built into the operating system that was customised by the Manufacturer (Virgin or whomever built the tablet on behalf of Virgin) that system update app is going online and checking for updates/patches for these tablets every time the tablet is connected to the internet. This feature was designed for the best of intentions to keep your devices up to date.

BUT it appears a few weeks ago a company called Gigaset has had their update servers hacked/compromised and their servers are PUSHING dodgy/malware-based updates to many owners of Gigaset devices, but not just Gigaset any other device that was either jointly built by them but also tablets that are being hosted for updates on the same server (I feel the latter is the case)

https://blog.gigaset.com/en/upms/

https://borncity.com/win/2021/04/16/gigaset-roadblocks-in-cleaning-up-the-malware-attack-april-12-20...

These viruses are piece of cake to uninstall, it’s not actually hard to uninstall the app and there are people talking about flashing / reloading the entire operating system onto the tablet. We've tried this approach and it won't solve anything. Because unless you're using 3rd party software/recovery, the original vanilla Virgin android software will have the same system update app built in.

When the tablet is factory data reset and rebooted WITHOUT internet access, the virus is deleted and gone and there are no more pop ups. This means the tablet recovery/reset feature is enough to get rid of this virus. By attempting to look for 3rd party operating system recovery images or hacks you could risk bricking / damaging your device. The sheer fact that the tablet operates perfectly fine after a factory reset without an internet connection assures us that the virus DOES get deleted when the tablet is reset. The issue currently is that when you connect the tablet back online for the first time after a reset, the tablets background system update app is connecting to a compromised/hacked update server and pulling a load of s**t back onto your tablet.

I personally feel of my technical assessment that this issue will continue till Gigaset (or their 3rd party update provider) has cleansed their update servers of the virus/malware apps being pushed to our tablets.

I've tried several tablets after factory reset and they work in offline mode perfectly fine, its only when we put the internet connection back on (i.e. give the tablet system update app access back to the internet, is that when the unwanted malware is redownloaded to the tablet) This I feel is creating confusion as there is people who have posted thinking that the virus isn't deleting when you reset the tablet, it is deleting, you just don't realise by putting the tablet back on the internet you're reloading the same crap back onto it.

Now you understand what is happening there is only in my personal opinion a few paths moving forward, we wait for the severs to get fixed and then reset our tablets once more and then use as normal, but if we cannot live without the tablet then reset the tablets, set them up without WIFI internet to start with, then use developer mode to disable updates, and also use ADB commands to uninstall the system update package. Then once the tablet is connected online after this the tablet should run fine without any virus reinstalling, but note when you factory reset your tablet again these settings/adjustments will be undone and you'll be open to viruses redownloading to the tablet if the server issue has not been fixed.

As of 20th April 2021 the tablets are still downloading crap from the system update servers so the issue on the update service providers end is not sorted.

The other issue is that there is so many companies involved in the supply chain and not just Virgin Media and the updates are clearly not being hosted by Virgin or anyone in the UK so getting this issue resolved will take patience.

My best advice is to not use the tablet on the internet whilst this issue is happening, I know that defeats the purpose of the product, but for the interim weeks ahead till the update servers are cleaned I think it’s safe to use these products in offline usage only and only put them online after the reset and taking the steps to disable and uninstall the system update app using ADB if you're tech savvy enough to do that.

I just wanted to put together a post that would give a better understanding of what was going on as a lot of telly tablet owners seem to be really concerned that this issue will require the tablet to be receive new software from Virgin, at the present moment I disagree, I feel the tablet just needs to stop being fed fake new software in the form of malware from the update service providers.

Tigratone
  • 36
  • 0
  • 24
On our wavelength
660 Views
Message 98 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

Thankyou kt6. Very useful information,  I was thinking about flashing the software but was in two minds, your post has confirmed to me not to do it.

For the moment I think I will just wait, and hope that the infected servers get fixed or for anything else that might solve the problem.

 

0 Kudos
Reply
Kev_B
  • 7.96K
  • 285
  • 2.28K
Community Manager
Community Manager
642 Views
Message 99 of 188
Flag for a moderator
Helpful Answer

Re: VirginMedia distributing viruses!

Hi,

We're still conducting our investigation, and we've been asked to capture some information to help our security teams in the work they're doing. If you've been affected, would you please mind posting with answers to the following information?

  1. How did you update the Telly Tablet, was it via Settings System Updates, or was it prompted by a pop-up?
  2. Can you confirm if the update you downloaded was a system update or an update within a specific app?
  3. Can you confirm the build version of your device please?

Our teams are monitoring the forum thread, so as soon as we get this information it will be factored into the investigate.

I completely understand the concern being expressed, please rest assured we're doing all we can to address this update. The information provided will help us get to a resolution.

P.S. This is being marked as a Helpful Answer to ensure everybody sees the information we're asking for, we aren't considering this issue resolved.

Kev

The do's and don'ts. Keep the community welcoming for all. Follow the house rules


KT6
  • 3
  • 0
  • 9
Tuning in
633 Views
Message 100 of 188
Flag for a moderator

Re: VirginMedia distributing viruses!

Edit/Update:

For anyone who has read my post and is interested in the steps I would take to TEMPORARILY fix this (this is just a quick highlight and happy to help anyone who requires more detailed steps)

1. Full factory data reset the tablet but do not connect the tablet to your internet network after the reset
2. Go to "settings" in your android app menu, then "about tablet" click "build number" 7 times
3. go back into the menu and select "developer options" and turn them ON from the top of the menu, scroll down and disable/turn off "AUTOMATIC SYSTEM UPDATES" and enable "USB debugging"
4. in Developer settings click "running services" find "system updates" and disable the services running for system update, there might be more than 1 entry.
5. I would then proceed a step further and uninstall the system update app all together - but this requires a install of ADB android toolkit on your desktop computer and some tech savvy to send the following command through the ADB interface to uninstall the system update app all together, the command is:

adb shell pm uninstall -k --user 0 com.redstone.ota.ui

***After some further testing this afternoon 5th step is most essential to disabling this software from reinstalling to the tablet.*** For most this may be quite complicated but I've attached a general YouTube guide on how ADB works and how to set it up (credits to the author of the content)

https://www.youtube.com/watch?v=1F1qiaiNdnI


Please note and remember that if you factory reset your tablet all the above changes will be undone but these are relatively safe steps to get your tablet working for the interim but it will involve and start with a full factory data reset which means you'll lose your data, apps and saved files.

Once the above is all done you can then connect the tablet to the WIFI/internet and enjoy it and I've so far not seen the malware reinstall.

I hope this helps.