Two hackers have recently taken over thousands of Chromecasts Streaming devices to promote the YouTube Channel of PewDiePie. They hacked thousands of Chromecasts and forced people to show a message to subscribe to the channel listed. The Universal Plug and Play (UPnP) functionality of certain routers made this hack possible. Making an intelligent device such as Chromecast accessible on the Internet.
Universal Plug and Play (UPnP)
A set of networking protocols allowing networked devices, such as personal computers, Internet routers, Wi-Fi access points, and mobile devices. It’s going to discover each other’s involvement in the network and create functional network services for data sharing and communications. The UPnP is designed primarily for home networks without a business class device.
Have a feature that allows devices to discover each other on your local network and access certain services. This is often used to stream media between devices on a network.
This attack is known as CastHack was carried out by two hackers, Giraffe and J3ws3r. Both teamed up to promote the YouTube channel of PewDiePie. They both tricked Chromecast, a Google Media Streamer, into playing any YouTube Channel videos they wanted. However, they can play videos that are custom made.
A website for the attack claims to count the number of TVs forced to display the PewDiePie message and currently reports that more than 3,000 have been affected. Although it is not clear that this is an exact number (it has been reset several times), a number of people posted on Reddit that the video was on their TV.
This is the second time that HackerGiraffe and j3ws3r have been working together to promote PewDiePie with quirky, if disruptive, hacks. Both said that they were behind a hack in November, which forced printers worldwide to print paper sheets telling people to subscribe to PewDiePie.
For years now, PewDiePie has maintained its status as the top channel on YouTube. Currently, now its claim to the throne has recently been increasingly threatened. Called as T-Series, a channel owned by an Indian music producer.
The hack took place at the height of the ongoing battle between Kjellberg and another YouTube channel, the T-Series, near passing its subscriber count.
Hacker Giraffe told The Verge, however, that their main motto for this hacking was to reveal the vulnerabilities rather than to promote this channel. We want to help you and our favorite YouTubers (mainly PewDiePie) ” on their website. ” We only try to protect you and inform you about this[ vulnerability] before anybody really takes advantage of it.
So, for now, Google has to work to solve these problems. This problem can, however, be fixed manually by switching the Universal Plug and Play (UPnP) functionality in the Router setting off.
CastHack is meant to recall security flaws to Google, said Hacker Giraffe. This includes ” sensitive data leaked ” and the ability to remotely reset Chromecasts. The hackers are reportedly not harvesting or saving any information accessed during the attack, they only rename devices. Nevertheless, whether it is good or not, seeing the hack message pop up on a TV must be a very unsettling experience for the affected people.