Slashdot Mirror

← Back to Stories (view on slashdot.org)

The "Rickmote Controller" Can Hijack Any Google Chromecast

Posted by samzenpus on from the never-going-to-give-you-up dept.

redletterdave writes Dan Petro, a security analyst for the Bishop Fox IT consulting firm, built a proof of concept device that's able to hack into any Google Chromecasts nearby to project Rick Astley's "Never Gonna Give You Up," or any other video a prankster might choose. The "Rickmote," which is built on top of the $35 Raspberry Pi single board computer, finds a local Chromecast device, boots it off the network, and then takes over the screen with multimedia of one's choosing. But it gets worse for the victims: If the hacker leaves the range of the device, there's no way to regain control of the Chromecast. Unfortunately for Google, this is a rather serious issue with the Chromecast device that's not too easy to fix, as the configuration process is an essential part of the Chromecast experience.

4 of 131 comments (clear)

  1. Re:Maybe it's just me ... by CanHasDIY · · Score: 4, Funny

    Per TFA - you can totally point it to goatse rather than Rick Astley.

    Although for some people, there's little actionable difference between the two.

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  2. What an awesome security hole! by NoNonAlphaCharsHere · · Score: 4, Funny

    That's right up there with the Windows Explorrer thing that executed arbitrary code from a bitmap file when you visited the directory it lived in. Kudos to Google for keeping up.

  3. Re:Maybe it's just me ... by Anonymous Coward · · Score: 5, Funny

    Holy shit! I was pretty surprised to hear about a security hole in Chromecast, but I was really flabbergasted to hear about your DOG THAT CAN FUCKING READ!

  4. Re:Maybe it's just me ... by deek · · Score: 5, Funny

    Hence, for the vast majority, there's no way to regain control of the Chromecast.