'That's a red flag' - Irish people warned dodgy boxes could be watching you at home

Irish households are being warned that using a 'dodgy box' on a heavily modified Android-based device can lead to the harvesting of personal data, expose entire home networks, and leave households and businesses facing enforcement actions.

Surfshark, a cybersecurity company and leading VPN provider, issued a safety advisory on illicit IPTV devices—commonly called “dodgy boxes”—that promise ultra-cheap access to premium TV, sports, and movies.

"While these boxes may appear to be a low-cost shortcut, they can come with significant risks: data theft, malware, home network exposure, and potential legal consequences," according to a statement.

“Once you connect an untrusted IPTV box to your home network, you should assume anything you type into it could be harvested—and that the device may try to observe other traffic on your network,” said Miguel Fornes, Cybersecurity expert at Surfshark

“Many of these devices run heavily modified versions of Android with security controls stripped out so pirated apps can run. From a security perspective, that’s a red flag.”

READ NEXT: 'You hear terrifying stories'- Young woman alarmed over 'creepy' delivery driver text

According to Mr Fornes, to run pirated or “cracked” apps, many dodgy boxes disable core Android protections such as verified boot and app integrity checks, which makes them far easier to compromise. Anything you enter on the device—streaming logins, Google accounts, search history, voice input, even photo libraries if linked—may be harvested by unknown third parties.

"Once connected to your home Wi‑Fi or Ethernet, these devices can discover other devices on the network and may intercept unencrypted traffic, map your network, and weaken your overall security. Their firmware is often outdated, tampered with, or unsigned, and they rarely receive trustworthy security updates, leaving known vulnerabilities unpatched," a statement warned.

"There are also legal and financial risks: in many countries, accessing or exhibiting paywalled content without a license is illegal, and law enforcement has inspected commercial venues such as bars and pubs for unlicensed broadcasts, resulting in fines and other penalties. Finally, these services are unreliable; providers can disappear without notice, leaving users without access, recourse, or refunds."

Who is targeted?

Households seeking cheap access to premium sports and entertainment—especially where pay‑TV is expensive—are a primary target. Small businesses and venues that show live sports without proper commercial licensing are also at risk and may face inspections and enhanced penalties. Users in regions where illicit IPTV is widespread, including parts of Europe, are commonly targeted as well.

Cybersecurity expert Miguel Fornes advises what consumers and businesses should do:

Use legitimate services and hardware: Subscribe through recognized broadcasters or streaming platforms and use official set‑top boxes or certified devices.

Do not sign in on untrusted hardware: Never enter personal accounts (email, cloud storage, photos, payments) on unverified or modified devices.

If you have used a dodgy box:

Disconnect it immediately and remove it from your network.

Change passwords for any accounts used on the device and revoke device access from account security settings.

Check your router for unfamiliar connected devices and DNS changes; consider a factory reset and firmware update.

Monitor financial accounts and watch for targeted phishing.

For venues: Ensure you have the correct commercial licenses for public exhibition of live sports and premium channels. Keep invoices and device serials on record for compliance checks.

“The bargain is illusory,” added Mr Fornes. “If a device is illegal, preloaded, and unbelievably cheap, you—and your data—are the product. The safest choice is to avoid these boxes entirely.”