Hackers Are Taking Over Chromecasts To Promote a YouTube Channel (theverge.com)
In what is being referred to as CastHack, hackers j3ws3r and HackerGiraffe are promoting Felix "PewDiePie" Kjellberg by forcing TVs to display a message encouraging people to subscribe to his YouTube channel. "The hack takes advantage of a router setting that makes smart devices, like Chromecasts and Google Homes, publicly viewable on the internet," reports The Verge. "The attackers are then able to gain control of the devices and broadcast videos on a connected TV." From the report: A website for the attack claims to count the number of TVs forced to show the PewDiePie message and currently says more than 3,000 have been affected. While it's not clear that this is an accurate number (it has reset several times), a number of people posted on Reddit that the video had appeared on their TV. Google tells The Verge it has received reports from people who had "an unauthorized video played on their TVs via a Chromecast device," but said the issue was the result of router settings. Both HackerGiraffe and Google told The Verge the best way for affected users to fix the issue is to turn off Universal Plug and Play (UPnP) on their routers. The two hackers said they were behind a hack in November that forced printers around the world to print out sheets of paper telling people to subscribe to PewDiePie.
This story of spammers trying to drum up support for the incumbent puerile attention whore of YouTube almost makes me think that the Iranian social media crackdown will do them some good.
And that takes some doing. Good work guys.
Why does Chromecast open up a port, any port, to the whole wide internet?
It doesn't. The malware these people ran is what sent the UPnP packet to open holes in their router.
The same method has been used by malware in the past to open tons of holes in NAT devices that claim to be firewalls, even SMB and remote desktop, iterating internal IPs in turn to try and find a vulnerable Windows host.
UPnP is simply retarded and shouldn't exist. Any user-level software capable of sending a UDP packet can render such a NAT device completely useless as a level of protection that an actual firewall wouldn't allow.
There's nothing wrong with UPnP; it does a job that needs doing, at least until we have ubiquitous IPv6.
There's plenty wrong with devices that get (however it's done) external connectivity and then implement zero security, effectively allowing their owners' networks to be abused.
This is 100% on Google and Chromecast.
You are not alone. This is not normal. None of this is normal.
Well, it's largely on Google; in an ideal world it would be 100%. A device's security strategy should never include 'dear god please don't let internet hosts connect to me'.
However, UPnP is a problem in practice because we have *so many* devices that employ this strategy, and UPnP offers a trivial way of opening them up, as well as opening command and control ports to a client device that should never be running a service, without even a way to request approval for a UPnP forwarding request from authorized software.
Practically speaking, routers should probably pair with some sort of phone app and do notifications to ask for approval when a UPnP request comes in and not grant forwarding until approved.
It is a shame that in practice internet capable devices have terrible security that keeps us from having nice things like internet services on devices.
XML is like violence. If it doesn't solve the problem, use more.
It's called a dip switch, you moran.
#DeleteFacebook
1) I think UPnP could be useful, but it would only be useful for generating a selection of services to add on the router through some interface (its web page or a phone app with notifications), rather than auto-granting. Having true peer to peer technologies without blessed cloud intermediaries would be nice.
2) It sounds like they don't request that port be forwarded, but malware running on the same network segment is sending UPnP packets on behalf of detected Chromecasts to make them internet accessible, which circles around to point 1.
3) While I do not particularly think PewDiePie is a particularly worthwhile source of content, odds are against him being in any way responsible for this campaign and instead someone else who finds it amusing to spam about PewDiePie for whatever reason.
I really don't care to watch PewDiePie at all (I tried a little, once).
However the actions of his hacking subscription army exposing the absolute dismal state of the Internet Of Thangs has me absolutely cheering him on and wishing for more, and more and more similar activity until even the least technical person says "wait a minute" to installing new network connected devices.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
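Added example, not part of any comment above and not code from any router vendor: a sketch of the router-side policy the thread argues for. It refuses an IGD `AddPortMapping` request that names a different LAN host than the one that sent it, and holds everything else until the owner has approved it. The `decide` and `sample_request` names, the decision strings, and the addresses and ports are assumptions made up for the illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
IGD_NS = "urn:schemas-upnp-org:service:WANIPConnection:1"

def parse_add_port_mapping(soap_xml):
    """Return the AddPortMapping arguments as a dict, or None for other actions."""
    if "<!doctype" in soap_xml.lower():
        raise ValueError("DTD in SOAP body")  # refuse entity-expansion tricks
    root = ET.fromstring(soap_xml)
    action = root.find(f"{{{SOAP_NS}}}Body/{{{IGD_NS}}}AddPortMapping")
    if action is None:
        return None
    return {arg.tag: (arg.text or "").strip() for arg in action}

def decide(soap_xml, requester_ip, approved=frozenset()):
    """Hypothetical policy: 'deny', 'hold', 'allow', or 'ignore'."""
    try:
        args = parse_add_port_mapping(soap_xml)
        if args is None:
            return "ignore"  # not a mapping request
        client = ipaddress.ip_address(args["NewInternalClient"])
        key = (str(client), int(args["NewInternalPort"]), args["NewProtocol"].upper())
        # A host may only ask for a forward to itself, never on behalf of a neighbour.
        if client != ipaddress.ip_address(requester_ip):
            return "deny"
    except (KeyError, ValueError, ET.ParseError):
        return "deny"  # malformed or incomplete request
    # Even a self-mapping waits until the owner has approved this exact forward.
    return "allow" if key in approved else "hold"

def sample_request(client, port, proto="TCP"):
    """Constructed SOAP body for the demo (not captured traffic)."""
    return (f'<s:Envelope xmlns:s="{SOAP_NS}"><s:Body>'
            f'<u:AddPortMapping xmlns:u="{IGD_NS}">'
            f'<NewRemoteHost></NewRemoteHost><NewExternalPort>{port}</NewExternalPort>'
            f'<NewProtocol>{proto}</NewProtocol><NewInternalPort>{port}</NewInternalPort>'
            f'<NewInternalClient>{client}</NewInternalClient><NewEnabled>1</NewEnabled>'
            f'<NewPortMappingDescription>demo</NewPortMappingDescription>'
            f'<NewLeaseDuration>0</NewLeaseDuration>'
            f'</u:AddPortMapping></s:Body></s:Envelope>')

if __name__ == "__main__":
    laptop, tv_dongle = "192.168.1.50", "192.168.1.23"  # constructed addresses
    print(decide(sample_request(tv_dongle, 8009), laptop))  # third-party mapping
    print(decide(sample_request(laptop, 8009), laptop))     # self-mapping, unapproved
    print(decide(sample_request(laptop, 8009), laptop, {(laptop, 8009, "TCP")}))
```

The first check is what miniupnpd's `secure_mode` option enforces; the hold-until-approved step is the notification idea from the comments and is not something stock UPnP provides.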