Researchers at Include Security have shown how a software kit made by Bright Data, embedded inside free apps on Samsung, LG, and Roku smart TVs, quietly turns those always-on devices into relays for someone else's web-scraping traffic. Users opt in through a consent screen buried in the TV's menu, then their home internet connection is used to fetch web pages for Bright Data's paying customers, many of them AI firms. The researchers found the control channel barely checks who is issuing commands, weaker than many malware families, and on iPhones the traffic even slips past VPNs and normal monitoring tools.