More than 85% of Smart TVs can be remotely attacked by television

Because of the lack of security and security, most embedded devices such as Smart TVs, refrigerators, microwaves, security cameras, printers are frequently attacked and become weapons in cyber wars.

Late last year we just witnessed the emergence of bonnet iodine like Miria - the biggest threat from malicious software using iodine. By widely deploying DDoS attacks on DynDNS supply plants it has caused widespread power outages. This proves that these devices are easily compromised.

Recently, a security researcher recently warned of another threat from IoT when using Smart TV. That is, using Smart TV connected to the Internet can cause hackers to instantly control a large number of Smart TVs without any physical access to these devices.

Evidence for the attack

Rafal Scheel, an employee of Oneconsult, has deployed evidence for an attack using an inexpensive signal generator to embed malicious commands into fake DVB-T signals (Terrestrial Digital Video Broadcasting) ).

After that, these fake signals are transmitted to nearby devices, allowing hackers to access root on Smart TV and using those devices for bad purposes such as launching DDoS attacks and tracking. end user.

In a speech at the European Broadcasting Union's (EBU) Multimedia Security Conference, Scheel gave evidence of this direct attack and said 90% of Smart TVs were sold. Last year were all at risk of becoming victims of similar attacks.

With evidence gathered from a DVB-T-based transmitter - a transmission standard that connects to the Internet attached to the TV.

Initially, the attack discovered two security flaws that upgraded privileges in hidden web browsers and after the attack, hackers used interfaces to remotely connect to the TV over the Internet, allowing them to Complete control of the device.

After being compromised, the TV may have been infected with malicious code so to get out of this situation, simply restart the device and restore the original settings.

Previously, in order to catch hackers as well as limit the number of devices that could be compromised, Smart TV attacks such as Weeping Angel (described in the CIA leaked document) often required access. Physical into the target device or depends on social engineering.

However, according to Scheel's proof, hackers now do not need physical access to the device and can still access most TVs at the same time.

Using the "Internet of Things" device is a risk. The faster IoT devices change and the way we use technology, the more opportunities for the bad guys to attack to be opened and when it comes to the advantage of information security, the IoT can become into a concern.