We have the UA40KU6000 Smart TV and either the recent TV's Firmware update has bugs or the TV got infected with a Malware / Virus. First, we started noticing slowdown issues on our home network and constant SYN Flood, LAN-side UDP Flood, as well as TCP/UDP Port Scanning activities were being reported in our Modem's logs. The time reported for these malicious activities coincide with the TV being turned on. Aside from this, I got really suspicious when the Youtube App pre-installed in the TV suddenly changed some of its interface icons into Chinese characters. Then slow loading of the Youtube App videos and sometimes the app actually hanging by displaying a black screen made me decide to reset the app. It worked for a few days.
But when the problem came back, it was worse. I needed to totally reset the Smart Hub App and tried securing my account on Samsung's website. The strange thing is, we don't have the option in the TV to strengthen the login feature. It only uses Profile Image selection as a crude security measure. That means any hacker can easily guess from a limited number of Profile Images and he/she will get to login on the TV successfully using my Samsung Account. The Two-factor Authentication (2FA) security feature does NOT actually exist on the TV and it's just for Samsung's website. ☹️
Anyhow, after resetting the TV to factory settings and reactivating my Samsung Account in the TV, our home router's Firewall has now totally blocked the TV from accessing the network. I had to connect the TV directly to the modem for it to be able to access the Internet and work again. But I know that our Samsung TV is now part of a Botnet who does constant Distributed Denial Of Service (DDOS) attacks in the Internet because Samsung can't seem to fix their TV's security feature. The TV's built-in Virus Scanner is useless. Due to this, I guess it's only a matter of time before our Internet Service Provider (ISP) will block our Internet access.
I hope Samsung will provide a fix soon. I need to access the Steamlink App through our home network soon and I cannot do that if the TV is not connected to our home router. Please Samsung, fix this and help reduce worthless Internet traffic like DDOS attacks for the sake of the netizens of the world.
Hi @RendCycle .
I can see that you've got a non EU model TV. With Samsung support being localised and this being a European forum (the English language part is supported by the Samsung UK & Ireland team, for example), we're limited in what we can do for you in terms of direct support.
Have you been in touch with Samsung in your region to see if others are reporting the same?
Hello, I did try to look for a Samsung community/forum site in my country but couldn't find one to see whether others have reported having the same issues. I also did try contacting Samsung tech support locally but the email function on their site is not working yesterday. I was able to Chat with someone though but according to the support personnel, he/she only can help w/ mobile phones and asked me to contact Live Chat in the morning. So my only choice was to post here in case someone can help.
Anyhow, I just checked the email option again in the local Samsung site to try and screenshot the error but found out it seems to be working now. So will see if someone can help me there. I appreciate the reply, thanks!
I was able to talk to someone from local Samsung Tech. Support phone line. But as expected, they couldn't solve our TV's problem. My TV's Firmware version is 1242 and I noticed in the official Samsung website, the available downloadable firmware version is only 1241.5. That's strange. Anyhow, I recently repeated the tests in trying to run these apps: Youtube, Youtube Kids, Vimeo, Netflix, and Steamlink. Here's my result:
UPDATE: I think my old Asus Router has been infected with a persistent Malware that cannot be fixed by any firmware upgrade / replacement nor a hard / factory reset. I replaced the Router with a brand new one and the problems with the Youtube App disappeared. This can also mean the TV might still be infected and the security features of the new Router is just blocking it as I guess its a two-way street how the Malware works. An allowed data query from the TV gets hijacked by the Router. In return, it grabs an edited content from a specific masked address in the Internet before displaying them on the screen. I hope Samsung will strengthen the security features of their TV to help prevent this kind of issues.
EDIT: I spoke too soon. The Malware is back!!! See next post.
ANOTHER UPDATE: After turning on the TV this morning I discovered the problem is back!!! So this means there is no problem with the Router and this is solely caused by an infected Youtube App, Youtube Kids App, Vimeo, and probably the Smart Hub App installed on the TV. But there is a high chance that this could also mean the Web Server hosting the Smart Hub App (serving the software downloads) is somehow also totally infected with Malware as even a factory and app reset on the TV itself, the Malware infection comes back. If you own a Samsung Smart TV, I suggest you DO NOT DOWNLOAD ANY NEW APP for now.
This is a major problem and have already affected a lot of vulnerable Samsung TVs. I've noticed there are already similar reports as far as 9 months ago especially in other websites like Reddit, etc. Why has this not been fixed until now?
I don't know what to do at this point. I hope Samsung can help soon.
It looks like people are experiencing similar issues since 2018. Here's the related thread in this same forum site. But the issue initially posted therein is just half of the problems I experienced. Last time, I was just not able to connect to the Internet after "denying" the security certificate warning. But I didn't see whether there are still random Chinese characters on the Youtube Apps because I was not able to access it.
I just followed the solution marked in that post and I was able to connect to the Internet. Hoping this would last.
I just browsed the email choice again in the nearby Samsung site to attempt and screen capture the mistake however figured out it is by all accounts working at this point. I Appreciate you Post.