Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Are Taking Over Chromecasts To Promote a YouTube Channel (theverge.com)

Posted by BeauHD on from the device-vulnerabilities dept.

In what is being referred to as CastHack, hackers j3ws3r and HackerGiraffe are promoting Felix "PewDiePie" Kjellberg by forcing TVs to display a message encouraging people to subscribe to his YouTube channel. "The hack takes advantage of a router setting that makes smart devices, like Chromecasts and Google Homes, publicly viewable on the internet," reports The Verge. "The attackers are then able to gain control of the devices and broadcast videos on a connected TV." From the report: A website for the attack claims to count the number of TVs forced to show the PewDiePie message and currently says more than 3,000 have been affected. While it's not clear that this is an accurate number (it has reset several times), a number of people posted on Reddit that the video had appeared on their TV. Google tells The Verge it has received reports from people who had "an unauthorized video played on their TVs via a Chromecast device," but said the issue was the result of router settings. Both HackerGiraffe and Google told The Verge the best way for affected users to fix the issue is to turn off Universal Plug and Play (UPnP) on their routers. The two hackers said they were behind a hack in November that forced printers around the world to print out sheets of paper telling people to subscribe to PewDiePie.

2 of 90 comments (clear)

  1. Re:Impressive... by Anonymous Coward · · Score: 2, Informative

    I have never cared for PewDiePie. Now, thanks to these imbeciles, I absolutely despise him.

  2. Re:So why totally open this port... by dissy · · Score: 4, Informative

    Why does Chroecast open up a port, any port, to the whole wide internet?

    It doesn't. The malware these people ran is what sent the uPNP packet to open holes in their router.

    The same method has been used by malware in the past to open tons of holes in NAT devices that claim to be firewalls, even SMB and remote desktop, iterating internal IPs in turn to try and find a vulnerable windows host.

    uPNP is simply retarded and shouldn't exist. Any user-level software capable of sending a UDP packet can render such a NAT device completely useless as a level of protection that an actual firewall wouldn't allow.