Stories
Slash Boxes
Comments

SoylentNews is people

posted by CoolHand on Thursday March 30 2017, @08:49PM   Printer-friendly
from the not-even-couch-potatoes-are-safe dept.

A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting — Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users.

The attack, developed by Rafael Scheel, a security researcher working for Swiss cyber security consulting company Oneconsult, is unique and much more dangerous than previous smart TV hacks.

Until now, all smart TV exploits relied on attackers having physical access to the device, in order to plug in an USB that executes malicious code. Other attacks relied on social engineering, meaning attackers had to trick users into installing a malicious app on their TV.

Even the mighty CIA developed a hacking tool named "Weeping Angel," which could take over Samsung smart TVs and turn them into spying devices. But despite its considerable human and financial resources, the CIA and its operators needed physical access to install Weeping Angel, which made it less likely to be used in mass attacks, and was only feasible if deployed on one target at a time, during carefully-planned operations.

Because of the many constraints that come with physical and social engineering attacks, Scheel didn't consider any of them as truly dangerous, and decided to create his own.

Source: BleepingComputer


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by NotSanguine on Friday March 31 2017, @06:08PM

    Your points are both valid and insightful, turtle. Thank you.

    You seem to be reading between the lines quite a bit as far as maxwell_daemon's comments. Perhaps further than is warranted.

    As I pointed out, even cellular signals can be easily detected, even if they are not so easily blocked.

    I suppose it's possible that some smart tv manufacturers are surreptitiously including cellular transceivers into their products on the off chance that someone will block access via their own networks. That seems rather unlikely, however, since most people will just plug their device in and, through ignorance (willful or otherwise), let the device transmit whatever it wants over their internet connection.

    Given that few have the knowledge, skills and presence of mind to even consider how their data may be exfiltrated, I'm not so concerned about large-scale secret back channels being integrated into smart tvs. At least not yet.

    Perhaps I'm not sufficiently paranoid. Then again, I haven't detected any cellular transmissions emanating from my smart tv.

    --
    No, no, you're not thinking; you're just being logical. --Niels Bohr
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2