Trend Micro recently reported that many Android-based Smart TVs are vulnerable to an old flaw that could lead to a backdoor attack. This flaw appears before Android Lollipop version (Android 5.0). However, as you may have noticed, many TVs or Android Set Box are still using old versions of the Android software, the risk is there.
Based on the information, these websites based on the H.TV name are targeting people who want to download apps for Smart TV. From my source, it states that these TV brands are still vulnerable: Changhong, Konka, Mi, Philips, Panasonic, and Sharp. I am not going through the technical details here as they are boring and complex, although this paragraph might be easier to digest.
How is this attack distributed? First, the attackers lure owners of smart TVs to the websites mentioned above and get them to install the apps infected with malware. Once these are installed, the attacker will trigger the vulnerability in the system. Well-known exploit techniques like heap sprays or return-oriented programming are used to gain elevated privileges in the system.
You can either update the Android version to avoid the problem (which is hard for Smart TV) or you could just protect it by using realtime software.