Friday April 07, 2017

Root Access Through Radio

Rafael Scheel has found that hacking the glowing box in your living room is as easy as spending 180 bucks on a DVB-T transmitter. Once the transmitter is in range of the target boob-tube the hack begins to exploit hybrid broadcast TV signals to leverage common bugs that exist in most web browsers on Smart TVs. With successful pwnage complete, an attacker can gain root access to the TV's operating system, setup SSH, and subsequently gain full control over the device from anywhere on the globe.

How much can you really do from a Smart TV? Quite a bit actually. Due to the fact that you are attacking the TV through RF, malicious networking traffic doesn't actually flow through the network. In other words, it never touches traditional network defenses like firewalls, IPS, or IDS. End users won't realize something is wrong until they are already completely owned. Welcome to the Internet of Things.

"Once a hacker has control over the TV of an end user, he can harm the user in a variety of ways, Among many others, the TV could be used to attack further devices in the home network or to spy on the user with the TV’s camera and microphone." آ– Rafael Scheel

The Internet of Things is a poorly executed mess. I can't wait for all of our transportation mechanisms to be a part of it.

You can read a white-paper that kicked off the concept of broadband signal hacking here. If you want info on the actual attack itself watch the video.