A recent investigation has shed light on the troubling circumstances surrounding SmartTube, a widely used YouTube application for Android TV and Fire TV devices. Following its removal from these platforms last week, it has been revealed that the app was compromised due to malware infiltrating the developer’s build machine.
According to the findings, some versions of SmartTube released earlier this month were inadvertently distributed with this malware embedded. Users who may have downloaded these affected versions are now advised to take precautionary measures, including resetting their devices and thoroughly reviewing their YouTube and Google account information.
Initially, it was believed that the app’s digital signature leak was the sole reason for its removal by Google Play Protect and Amazon. However, the situation appears to be more complex, as confirmed by a report from AFTVnews. The developers of SmartTube have acknowledged that their build environment was compromised, leading to the distribution of infected app versions.
The developers are currently investigating which specific versions were affected, with the security breach thought to have occurred in early November. Notably, versions 30.43 and 30.47 uploaded to APKMirror have been flagged as malicious by various malware scanners, which likely prompted the swift action taken by both Google and Amazon.
In response to this incident, the compromised build machine has been wiped clean, and the developers have established a secure build environment. A new version of SmartTube, designated as build number 30.56, has been released, marking the first iteration produced from an uncompromised system. Users can access this malware-free version through the following codes via the AFTVnews Downloader app:
- Stable version: 28544
- Beta version: 79015
This updated version is not yet available on SmartTube’s GitHub repository due to some existing bugs that the developers are working to resolve. As a precaution, all previous versions of the app have been removed from GitHub.
Should you be worried?
The full extent of the malware’s capabilities remains uncertain. Fortunately, SmartTube does not request extensive permissions and does not require users to log in with their YouTube or Google credentials directly. Even in cases where users granted backup access to Google Drive, the malware should not have access to sensitive Google account data. However, there could be implications for permissions related to YouTube account controls.
Given these concerns, AFTVnews recommends that users who installed the app perform a factory reset on their devices, review their Google account permissions, and check their YouTube activity history for any unusual activity. Reinstalling SmartTube using the newly verified version is also strongly advised.
