Hi,
I have a Norton Core that warns me about outgoing Botnet/Malicious site traffic from my Apple TV.
The IP is 13.33.46.28, which apparently is an Amazon.com server that traces to cloudfront.
Does apple run their cloud/iTunes... content from Amazon servers and this is just a false warning from Norton - or how likely can an Apple TV be hijacked?
The apple TV OS is up to date.
Thanks for your thoughts...
Apple TV (4th generation)
All apps in Apple’s tvOS App Store are submitted for approval, precisely to avoid unwanted code. Everything is ‘sandboxed’, so that apps can’t interfere with the system or other apps. The system software has its own protection by not allowing any tampering/customization at all. Any changes have to come from official system updates.
It is not published where Apple leases some its cloud computing and cloud space, but at least some of it is outsourced, and Amazon AWS is a big player in that market. On the other hand, any 3rd party app can connect to a server anywhere in the world for their content, which has nothing to do with Apple.
You should track the time stamps and note which apps were in use/open at that time. Then determine if that was legitimate.
Like in journalism, get two sources to make a credible claim (only Norton Core isn’t enough proof, imho). The IP might be part of a block of IPs that may have been suspect at some time in the past, now resolved or cleared. That alone doesn’t make todays connection attempt malicious.
Keep us informed.
Botnet warning for Apple TV
