Malware alert infographic: Photo frame with auto-download arrows to spyware; protective shields for updates and isolation, with "Secure Your IoT" warning banner over a smart home.

Android photo frames running the Uhale app, sold under brands like BIGASUO, WONNIE, and MaxAngel, automatically download and execute malware on boot without user interaction. Quokka analysts found this exploits insecure trust management and hardcoded keys, granting root access.

Malware alert infographic: Photo frame with auto-download arrows to spyware; protective shields for updates and isolation, with "Secure Your IoT" warning banner over a smart home.Malware alert infographic: Photo frame with auto-download arrows to spyware; protective shields for updates and isolation, with "Secure Your IoT" warning banner over a smart home.

The malware, linked to Vo1d botnet and Mzmess (affecting 1.6 million devices), enables surveillance, data theft, and network attacks. Frames act as entry points for broader compromises.

Malware alert infographic: Photo frame with auto-download arrows to spyware; protective shields for updates and isolation, with "Secure Your IoT" warning banner over a smart home.Malware alert infographic: Photo frame with auto-download arrows to spyware; protective shields for updates and isolation, with "Secure Your IoT" warning banner over a smart home.

Protect yourself: Avoid untrusted IoT devices, update firmware, and isolate them on networks. This highlights IoT security risks in smart homes.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, FraudProtector.net