Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: smart-tv (1 article)Clear

Free apps turn smart TVs into hidden web-scraping proxies

Researchers at Include Security have shown how a software kit made by Bright Data, embedded inside free apps on Samsung, LG, and Roku smart TVs, quietly turns those always-on devices into relays for someone else's web-scraping traffic. Users opt in through a consent screen buried in the TV's menu, then their home internet connection is used to fetch web pages for Bright Data's paying customers, many of them AI firms. The researchers found the control channel barely checks who is issuing commands, weaker than many malware families, and on iPhones the traffic even slips past VPNs and normal monitoring tools.

Check
On managed mobile devices, scan apps for the Bright Data SDK using the binary symbols BrdWebSocketFacade and BrdNetwork.DNSResolver, and watch networks for unexplained outbound scraping traffic.
Affected
Samsung, LG, Roku, and other smart TVs plus iOS and Android phones running free apps that bundle the Bright Data (formerly Luminati) residential-proxy SDK.
Fix
Uninstall apps that bundle the proxy SDK, decline the bandwidth-sharing consent prompt, and block the SDK on managed devices via MDM app-vetting and outbound network policy.