C-Suite On Deck
Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
Hackers Hijack Chromecast Devices and Smart TVs via Exposed UPnP
A pair of hackers has launched a campaign that displays rogue messages on people’s smart TVs encouraging them to subscribe to a popular YouTube channel. The attack doesn’t seem to be malicious and is part of a larger campaign to promote PewDiePie, the YouTube channel with the largest number of subscribers that was recently in danger of being dethroned. Some weeks ago supporters started remote printing messages on internet-exposed printers and now it seems that they’ve switched to TVs. The attack takes advantage of ports 8008, 8443, 8009 which are used by Chromecast devices, Google Home and some smart TVs for management on internal networks. These management APIs don’t generally require authentication, but as long as they’re only available on LANs, the risk is not that great. The problem is that many home routers have broken Universal Plug and Play (UPnP) implementations and this feature, which is typically used for service discovery and automated configuration, can automatically expose those ports to the internet. This means hackers can then send commands directly to users’ TVs or attached Chromecast devices.
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.