Image: The Verge

‘CastHack’ is taking control of Chromecasts to promote PewDiePie

  • Twitter
  • Facebook
  • Google+
  • Pinterest

Two hackers going by the names HackerGiraffe and j3ws3r hacked into thousands of Chromecast devices. The attack forced the affected people’s TVs to display a message that told people to subscribe to PewDiePie’s Youtube channel. Although it’s not clear how many people got affected, it’s been reported that thousands of people got their TVs hijacked.

This isn’t the first time HackerGiraffe and j3ws3r have done something like this. The ongoing battle between PewDiePie and T-Series to become the biggest channel on Youtube has resulted in some very bizarre antics from supporters. Popular Youtuber MrBeast bought every billboard in his city to promote PewDiePie’s channel. He’s also bought bathroom ads, gone on the news, and even promoted the Swedish Youtuber’s channel on the radio.

Other PewDiePie supporters are also doing everything they can to ensure T-Series doesn’t win. Before the Chromecast hack (CastHack), HackerGiraffe and j3ws3r hacked into printers two months ago. The printers would then print sheets of paper supporting PewDiePie. However, according to HackerGiraffe, the PewDiePie bit is not just to support their favorite Youtuber. The real reason for these hacks is something much more important.

Image: IBTimes India
Number of devices affected at one point

CastHack is more than a fun little prank

Although from the looks of it, the hack looks like nothing other than harmless fun to fuel the ongoing battle between PewDiePie and T-Series. However, the attack shows just how easy it is to hack into a device such as Chromecast. Those looking to hack into such devices can easily steal and sell people’s valuable private information.

HackerGiraffe has also come forward in explaining that the real purpose of these hacks is to expose the vulnerability of different devices owned by these big companies. On their website, it says:

“We want to help you, and also our favorite YouTubers (mostly PewDiePie).”

“We’re only trying to protect you and inform you of this [vulnerability] before someone takes real advantage of it.”

Google’s response

It was fairly easy for two hackers to hack into thousands of Chromecast devices. However, it seems that Google was not to blame for this one. Google has come out and said that it a router setting that enabled the hackers to get into people’s devices. Google has advised all their users to turn off Universal Plug and Play (UPnP) on their routers to avoid something like this.

Image: The VPN Guru
Image: The VPN Guru

Even though the problem could’ve been averted by a simple setting change, it’s still not enough. There should be internal security measures within the Chromecast device itself which should ensure protection from external hackers. That’s because UPnP is an important setting that a lot of users utilize, it’s not there without good reason.

Online gaming has grown a lot over the past few years. The UPnP router setting helps with smooth, uninterrupted online gaming a lot. Turning the setting off would mean anyone who plays online games in such a household suffers. A lot of people won’t be willing to make that tradeoff. Therefore, Google should put in more effort to secure their Chromecast devices.

Sensitive data is at risk

The people affected by CastHack were lucky that the people responsible for the hack were aiming to raise awareness. If someone with wrong intentions were to hack into a Chromecast device, they could easily steal sensitive information which would cause a lot of trouble for Google and its users. Users affected by CastHack only had their device’s name changed and were asked to subscribe to PewDiePie; no data was stolen.

However, the threat against the privacy of personal data is very real. Big companies like Google should definitely put in more effort to secure their devices as everything that’s connected to the internet can be exploited and used against someone.

 

Leave a Reply

Your email address will not be published.
Required fields are marked *

error: Content is protected !!