Two presentations at Black Hat focused on hacking Smart TVs and exploiting vulnerabilities that would allow an attacker to take control of the camera and microphone so your TV secretly spies on you and your family. There are some words that companies should not attach to their products, such as “unhackable,” since it could taunt a hacker into proving the product can be hacked. Also, if you tell security researchers that something is “impossible,” you’re basically throwing down a challenge. Say thank you to Smart TV PR damage-control for telling the media that when smart TVs are turned off, it is impossible to use the TVs for surveillance. When the LED power light is off, a person would assume that means the TV is actually off. Ha!

That slide is from SeungJin ‘Beist’ Lee’s Black Hat presentation Hacking, Surveilling, and Deceiving Victims on Smart TV [pdf]. Lee and Korea University Professor Seungjoo Kim implemented two tools for their surveillance program:

1. Taking pictures and sending them to our server automatically.
2. Video recording and live – watch it remotely (Streaming!)

Lee pointed out that if your smartphone is compromised, allowing an attacker to take control of the camera and take one picture every minute, not only would the battery drain faster, but there would be hundreds of useless photos captured when the phone is stuffed in a pocket, buried in a purse, or the camera is face-down. Although smartphones go where you go, and using a Smart TV for spying most likely wouldn’t be stealing business secrets, it would be an immensely invasive attack on your (and your family’s) privacy. Surfing the web from your TV is a “huge risk” that Lee compared to “web surfing within a web browser from many years ago.” All apps run with “root” privileges. Since it’s basically like a “regular PC,” an attacker could do things like sniff network traffic, install a keylogger, capture TV screenshots, or brick the TV.
So Lee asked 100 friends which of the following is the worst case scenario if their TV is hacked:

1. Stealing financial information.
2. Hijacking TV programs.
3. Breaking your TV.
4. Watching and listening via your TV.

Although 85% voted that a bad guy using your smart TV for surveillance was the worst case, Lee said the other 15% probably didn’t understand what he could do after pwning a TV. He included a few slides that even the technically challenged could understand. Additionally, in the same way that the Associated Press Twitter account was hacked and then tweeted false “breaking news” that made the stock market drop, it is possible to pull off a similar hoax through Smart TVs. While hacking Smart TVs to use for spying is far from mainstream, Lee described TVs as the “perfect target for surveillance.” He intends to release his surveillance rootkits and hoax tools.

Hacking Samsung Smart TVs

Also at Black Hat, two security researchers from iSec Partners put Samsung Smart TVs in their crosshairs.
Aaron Grattafiori and Josh Yavor presented “The Outer Limits: Hacking the Samsung Smart TV.” They warned that “malicious developers or remotely hijacked applications (such as the web browser or social media applications)” could “take complete control of the TV, steal accounts stored within it and install a userland rootkit.” Of course the talk included how the camera and microphone could be used “for spying and surveillance.” They even suggested “worst case scenarios” such as a “TV worm.”

Grattafiori told Mashable, “Because the TV only has a single user, any type of compromise into an application or into Smart Hub, which is the operating system – the smarts of the TV – has the same permission as every user, which is, you can do everything and anything.” Samsung Smart TV social media apps, “like Skype or Facebook, are written in JavaScript or HTML5,” which allowed the researchers to exploit and inject “malicious code into chat messages or into the browser,” so they could remotely take control of the TV.

Samsung patched the security holes, but the researchers advised users to keep their TVs updated and to avoid surfing to suspicious sites. Although they said using passive apps like Netflix “should be relatively safe,” unplugging the device from the Internet altogether should definitely keep it safe from attackers. That may be something you are unwilling to do since you purchased a Smart TV for a reason, so Yavor added, “When in doubt, there’s always a piece of tape or a Post-it you can put on the camera.”
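The bug class behind the chat-message injection the iSec researchers describe, shown as an added example that is not from their talk or this article: a JavaScript/HTML5 chat widget that drops each message straight into HTML, beside a hardened version that escapes it first, run over a constructed conversation. The function names, the sample messages and the example.invalid URL are all assumptions made for the illustration; the rendering is done on strings so it runs without a browser DOM, but the same difference applies to element.innerHTML versus textContent in a real app.

```javascript
// Added example (not from the talk or the article): a Smart TV chat widget
// in its unsafe and hardened forms. String rendering stands in for the DOM.

// Constructed sample conversation; the two 'mallory' lines carry markup that a
// naive renderer would turn into live HTML inside the TV's app context.
const MESSAGES = [
  { from: 'alice', text: 'movie tonight?' },
  { from: 'bob', text: 'sure, 8pm <3' },
  { from: 'mallory', text: '<img src=x onerror="alert(1)">' },
  { from: 'mallory', text: '<script>fetch("http://example.invalid/")</script>' },
];

// Unsafe: the message body is interpolated verbatim, so any tag it contains
// becomes part of the page (the equivalent of element.innerHTML = text).
function renderUnsafe(msg) {
  return `<li><b>${msg.from}</b>: ${msg.text}</li>`;
}

// Hardened: escape the five HTML-significant characters before interpolating,
// which is what textContent does for you in a browser.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderSafe(msg) {
  return `<li><b>${escapeHtml(msg.from)}</b>: ${escapeHtml(msg.text)}</li>`;
}

// Check: the only angle brackets in a rendered item should belong to the
// template itself; any raw '<' or '>' from message content is a leak.
const TEMPLATE_ONLY = /^<li><b>[^<>]*<\/b>: [^<>]*<\/li>$/;
function leaksRawMarkup(html) {
  return !TEMPLATE_ONLY.test(html);
}

// Count how many messages a given renderer lets through with raw markup.
function audit(messages, renderer) {
  return messages.filter((m) => leaksRawMarkup(renderer(m))).length;
}
```

Note that bob's harmless "<3" also trips the unsafe renderer's check: escaping is not just for hostile input, it is what keeps ordinary punctuation from being parsed as markup.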
Follow me on Twitter @PrivacyFanatic