Hackers „knock-knocking” via your smart TV

Gauthier Befahy
Gauthier has been active in the IT field for over 10 years. Currently working for Scademy Ltd, He oversees global Sales and Marketing.

Malwares in Android devices, dongles filled with vulnerabilities… Smart TVs have become a target of choice for hackers!

They are becoming more and more popular by the day, not only for the consumers, but also for hackers. Smart TVs have grown into a target of choice since their OS do not necessarily comply with security best practices. Major breaches have reportedly been discovered int he recent past.

The first one (http://blog.trendmicro.com/trendlabs-security-intelligence/android-based-smart-tvs-hit-by-backdoor-spread-via-malicious-app/) detected a malicious app for android based smart TVs. Broadcasted by third party websites, it offers the consumer to each  international channels, but what it really does is installing a backdoor that allows the hacker to install any applications he wishes to on the TV. He will then be able to access data and/or hijack the whole household network!

The second one (http://blog.checkpoint.com/wp-content/uploads/2015/12/EZCast_Report_Check_Point.pdf) aimed to test the EzCast dongle produces by Action Micro. Just as Google Chromecast, it allows to extend the content of a laptop onto the TV. It is allegedly used by millions of users globally. Check Point claims to have immediately found two vulnerabilities that allow hackers to remotely take control of the dongle. If the hacker is within proximity of his victim, it can even directly attach the dongle, since it permanently creates its own hotspot, only secured through an 8-digit password. Such a combination is too weak. A hacker can break it within 20 minutes.

What to do next ?

If you are a consumer, try to make sure you purchase appliances which are compliant with security best practices.
If you are a manufacturer, why not train your engineers on secure coding?