Google was warned of a bug in its Chromecast media streaming stick years ago, but did not fix it. Now, hackers are exploiting the bug — and security researchers say things could get even worse.
A hacker, known as Hacker Giraffe, has become the latest person to figure out how to trick Google’s media streamer into playing any YouTube video they want — including videos that are custom-made. This time around, the hacker hijacked thousands of Chromecasts, forcing them to display a pop-up notice that’s viewable on the connected TV, warning the user that their misconfigured router is exposing their Chromecast and smart TV to hackers like himself.
Not one to waste an opportunity, the hacker also asks that you subscribe to PewDiePie, an awful internet person with a popular YouTube following. (He’s the same hacker who tricked thousands of exposed printers into printing support for PewDiePie.)
The bug, dubbed CastHack, exploits a weakness in both Chromecast and the router it connects to. Some home routers have enabled Universal Plug and Play (UPnP), a networking standard that can be exploited in many ways. UPnP forwards ports from the internal network to the internet, making …read more
Source:: TechCrunch Gadgets
Previous post