The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Hackers hijack thousands of Chromecasts to warn of security bug

2019-01-03 17:14 by
Tags: ,

 

Hackers have hijacked thousands of exposed Chromecast streaming devices to warn users of the latest security flaw to affect the device. But other security researchers say that the bug — if left unfixed — could be used for more disruptive attacks.

"We have received reports from users who have had an unauthorized video played on their TVs via a Chromecast device," a Google spokesperson said. "This is not an issue with Chromecast specifically, but is rather the result of router settings that make smart devices, including Chromecast, publicly reachable," the spokesperson added.

The hackers, who go by the aliases Hacker Giraffe and J3ws3r, exploited the Universal Plug and Play (UPnP) networking standard in routers to force Chromecasts to display a message on users' TVs. The message reads: "ATTENTION. YOUR Chromecast/Smart TV is exposed to the public internet and is exposing sensitive information about you!"

The message then directed users to a site, which has since been removed, with more information about the so-called CastHack and also encouraged them to subscribe to PewDiePie.

Such an exploit could be used to pull off a complicated series of attacks, such as playing voice commands loud enough to be overheard by a smart speaker and thus mess with any connected accounts or devices.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About