Hackers Exploit Chromecast UPnP Router Vulnerability on Smart TVs
Funny story really, Swedish video-game vlogger PewDiePie got some unexpected help boosting subscription numbers when hackers took over Chromecast devices to promote his channel.
So basically a router setting that makes smart devices, like Chromecasts and Google Homes, publicly viewable on the internet. The attackers are then able to gain control of the devices and broadcast videos on a connected TV.
The 'CastHack' is being conducted by two hackers, HackerGiraffe and j3ws3r. The main hacker behind this hacking campaign explained on Twitter that CastHack takes advantage of users who use incorrectly configured routers that have the UPnP (Universal Plug'n'Play) service enabled, service which forwards specific ports from the internal network on the Internet.
The ports are 8008, 8009, and 8443, which are normally used by smart TVs, Chromcasts, and Google Home for various management functions. The devices expose these ports on internal networks, where users can send commands from their smartphones or computers to the devices for remote management purposes. But routers with incorrectly configured UPnP settings are making these ports available on the internet.
A website for the attack claims to count the number of TVs forced to show the PewDiePie message and currently says more than 3,000 have been affected. The best way for affected users to fix the issue is to turn off Universal Plug and Play (UPnP) on their routers. The can also make sure UPnP doesn't port-forward ports 8008, 8009, and 8443.
HackerGiraffe said their attacks are more about exposing vulnerabilities than promoting Kjellberg’s channel. “We want to help you, and also our favorite YouTubers (mostly PewDiePie),” their website reads. “We’re only trying to protect you and inform you of this [vulnerability] before someone takes real advantage of it.
Disney: Hackers Claim Have Stolen Upcoming Movie An Demand Money - 05/16/2017 07:28 AM
Disney Chief Bob Iger Says Hackers Claim to Have Stolen an upcoming movie, this rumoured is to be Pirates of the Caribbean: Dead Men Tell No Tales. If they do not pay a ransom, the movie will be let ...
Hackers steal money from bank accounts through two-factor authentication - 05/08/2017 06:43 AM
Criminals have been able to Hackers have been able to steal money from bank accounts by intercepting text messages (SMS) used for two-factor authentication. ...
Hackers Release Tool to Exploit iCloud Accounts - 01/06/2015 09:28 AM
A hacker has released a tool that he says can break into any iCloud account. The tool, iDict, uses an exploit in Apple's security to bypass restrictions that stop most hackers from gaining access to ...
Hackers use zero-day Windows exploit to spy on NATO, EU, US - 10/15/2014 08:24 AM
Hackers have been using a zero-day exploit in Windows to spy on numerous high-ranking agencies across the EU and the world. Among those affected we have NATO, several Western governments, EU energy an...
Hackers Targeting Diablo III Players - 05/22/2012 08:57 AM
There are reports (#1, #2, #3, #4, #5) coming in that hackers are gaining access to people's accounts, even with the always-on DRM to cut down on both hacking and piracy. Victims claim they are missin...
Senior Member
Posts: 304
Joined: 2013-04-05
Insane and sad that news over editorial is a rare commodity these days.
Senior Member
Posts: 12052
Joined: 2014-07-21
There's a reason why I don't fancy "smart" TVs themselves, and now they even promote overestimated youtubers.
Member
Posts: 27
Joined: 2006-02-03
The only website where the actual issue was reported properly!