Smart TVs under hacker attack: what’s happening

Another hacker attack in favor of PewDiePie. This time the fans of the Swedish youtuber are targeting smart TVs and Chromecast playing his videos

After printers now it's the turn of Smart TVs: the hacker fans of the youtuber PewDiePie, who in recent weeks had managed to control over a hundred thousand printers and have flyers printed in which they invited everyone to subscribe to the YouTube channel of the Swedish comedian, have now also managed to get inside thousands of smart TVs, Chromecast devices and Google Home.

The goal of this hacking attack? Always the same: to advertise the comedian, in this case by playing a video inviting users to subscribe to the youtuber's channel. The video is part of a guerrilla marketing campaign in favor of PewDiePie, who is officially unrelated to all this: his YouTube channel has been fighting for months with Indian channel T-Series for the title of the most popular channel on YouTube. All of the hacking attacks in this campaign are intended solely to invite "victims" to subscribe to PewDiePie's channel to help him win against the Indians.

The CastHack attack against smart TVs

The attack, renamed CastHack and launched by hacker TheHackerGiraffe, exploits a vulnerability in routers: if the UPnP (Universal Plug'n'Play) service is not configured correctly it leaves open some ports (usually 8008, 8009 and 8443) that can be used by hackers to enter our home network and control the smart devices connected to it. These ports are normally used by smart devices to communicate with each other, but the router should prevent access from the outside.

Not all routers, however, are configured correctly and this allowed a second hacker called FriendlyH4xx0r to set up a script that scans the entire Internet for devices with these open ports. Once the devices are identified, another script renames them to "HACKED_SUB2PEWDS_ #" and attempts to automatically play the promotional video.

What are the dangers in case of attack

No damage to Smart TVs or other devices reached by FriendlyH4xx0r, let's be clear, but this episode shows for the umpteenth time how Smart Home devices can become a dangerous gateway for hackers, viruses and Trojans of all kinds: the devices that have played the video are already over 5,000. Google has already released a patch for Chromecast that closes the offending ports on the device. Users, for their part, can protect their smart devices by acting on the router and disabling UpnP services. Another way, more effective but more complex for the average user, is to enter the router's configuration and close only the affected ports: 8008, 8009 and 8443.

TheHackerGiraffe, meanwhile, announced that it is working to enter SSonos devices as well. Hacker attacks against Chromecast, on the other hand, are nothing new at all: the first ones date back to 2013.