Hackers hack thousands of Chrome Chrome devices



[ad_1]

Hackers has kidnapped thousands of Chromecasts enabled by Chrome Chromium to warn users of a security vulnerability affecting the device, a vulnerability that Google has been ignoring for nearly five years, but other researchers say that the error can be used in more damaging attacks. If nothing has been done, hackers have forced infected ChromeStone devices to display a pop-up notification that can be viewed on the connected TV, warning the user that the incorrectly configured router was displaying the PIR.

The authors, known as TheHackerGiraffe and J3ws3r, were the last to know how to cheat Google's broadcasters by offering them YouTube videos, including custom videos. They also asked users to subscribe to the PewDiePie YouTube channel on YouTube. Famous from Sweden and his real name is Felix Kjellberg.

This error, called CastHack, exploits a vulnerability in Chrome and its connected routers, and some home routers enable UPnP, a network protocol that can be exploited in many ways. UPnP redirects the ports from the internal network. On the Internet, you can make Cast Cast devices and other devices visible from anywhere on the Internet.

The hackers explained that users had to disable UPnP to solve the problem. A Google spokesman said: "We have received information from users who have viewed unauthorized videos on their TVs via a Chrome Chrome device." This is not a problem with Chrome Chrome in particular. 'is the result of erroneous settings for the router that makes smart devices, including Chrome, generally inaccessible ".

Topics related to what you are reading now:

In 2014, Bishop Fox discovered the flaw that allowed piracy of Chrome hardware shortly after its appearance: the attacks revealed that the attack by Chromecast's fault could separate the Chrome-Cast device from the wireless network logged. Cyber ​​Pen Test partners said the Chromium cast was still vulnerable to Droid Chromecast attacks two years later.

Ken Munro, founder of Pen Test Partners, said: "It is not surprising that someone else can find the hole since Bishop Fox found it in 2014 and we We found it in 2016. " Fixed Chromecast offset.

The attack method seems to be different, but the mode of exploitation remains the same. CastHack can be used online. Monroe explained that it's easy to run other smart home appliances such as Amazon Echo by hijacking a Chrome Chrome device and forcing it to execute powerful voice commands. Captured by microphone.

TheHackerGiraffe had already hijacked nearly 50,000 printers worldwide to invite them to subscribe to the PewDiePie channel, where messages were sent to random people in different locations. Hacker has exploited the high-end multifunction printers of large companies as well as small storage printers at gas stations and restaurants.

[ad_2]
Source link