CastHack Exposes Google Chromecast Device Users to Risk
January 03, 2019 / Sean Michael Kerner
A pair of hackers have taken aim at vulnerable Google Chromecast media streaming devices, sending unauthorized content and messages to unsuspecting users. The attack, dubbed "CastHack," identifies Google Chromecast devices that have been exposed to the public internet. The two attackers, who operate under the aliases of "HackerGiraffe" and "j3ws3r," then abuse capabilities in Chromecast to post a message to victims asking them to subscribe to the channel of popular YouTube streamer PewDiePie. Chromecast is a USB device that enables streaming video for consumer TVs. "If you came here because you're a victim of #CastHack, then know that your Chromecast/SmartTV/GoogleHome is exposed to the public internet, and is leaking sensitive information related to your device and home," the hackers wrote in an FAQ they posted about the attack.