Free Smart TV Apps Embed Bright Data SDK to Build an AI Web-Scraping Proxy Network
Published
Key Takeaways
- AI Data Pipeline: Free apps that embed the Bright Data SDK are turning smart TVs into nodes in a web-scraping infrastructure serving AI.
- Consent-Sourced Network: The Bright Data SDK relays web scraping through millions of consent-sourced IPs, bypassing VPNs.
- Bandwidth Consumption: Devices enrolled in the network can use up to 200GB of bandwidth per month without users' explicit awareness.
Free apps installed on smart TVs are quietly enrolling those devices into a large-scale web-scraping network via Bright Data SDK. It relays scraping traffic through millions of consent-sourced IP addresses and bypasses VPNs, with some apps consuming up to 200GB of bandwidth per month on enrolled devices.
How the Bright Data SDK Operates on Smart TVs
The Bright Data SDK is embedded in free applications available on smart TV platforms, including iOS frameworks within partner apps, according to researchers at Inside Security. When users install these apps, their devices can become exit nodes in a distributed proxy network used to conduct web scraping at scale.
The SDK routes external scraping requests through the device's internet connection, using its IP address to mask the origin of the traffic. “At least three CTV-focused entities (PlayWorks, CloudTV, Longvision) monetized their user’s devices as residential proxy exit nodes,” the research said.
Because the used IPs, which the company says exceed 150 million, are described as consent-sourced, the botnet is technically built on user agreements. Yet, the practical scope of bandwidth use may not be apparent to most users at the point of installation. Petflix, a Roku app documented by The Verge, uses up to 200GB per month.
Implications for AI Data Collection
This scraping infrastructure serves AI data collection pipelines designed to avoid detection and circumvent rate-limiting or VPN-based access controls that websites use to restrict automated harvesting.
Smart TVs, which typically remain connected around the clock and are not monitored with the same scrutiny as computers or smartphones, represent an attractive pool of residential IPs for this purpose.
Bright Data is the successor to Luminati, founded on Hola VPN, which cybersecurity experts considered highly insecure.
Earlier this month, a massive 17-million-device botnet in the Netherlands was dismantled in a joint operation. In March, law enforcement dismantled the Aisuru, KimWolf, JackSkid, and Mossad illegal botnets, which compromised over three million devices worldwide. Last month, a KimWolf administrator was arrested.
A December 2025 report outlined that outdated embedded browsers expose smart TVs, gaming apps, and game consoles to cyber risks. One month earlier, Android TV boxes were linked to botnet activity.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular