Matsuda Posted May 12, 2014 Share Posted May 12, 2014 ‘Smart’ televisions with built-in microphones could be used as bugging devices by corrupting them with malware, according to software specialists NCC Group, as reported by The Register. An attacker would not even need physical access to the television to launch an attack, security experts from the group warned. Fooling a user into installing a malicious app is one way to gain control of the microphone – but models of televisions with built-in storage and microphones can be set to auto-update, so an attacker could feasibly create an app, then release an update containing it.Software escrow specialists NCC recently released a white paper examining potential solutions for the problems posed by so-called “Internet of Things” devices.‘Smart TVs’ seem to have been particularly soft targets. LG admitted that one of its models had been sending information during shows watched by their owners without informing them. After a successful hack of a Samsung Smart TV, Senator Charles E Schumer, a Democrat from New York addressed a letter to television manufacturers urging them to improve security.“Many of these smart televisions are vulnerable to hackers who can spy on you while you’re watching TV in your living room. You expect to watch TV, but you don’t want the TV watching you.”The latest hack was demonstrated by NCC near the Infosec conference in London last week, with journalists from The Register shown how Smart TVs can be hacked in much the same way as using a malicious app against an Android phone.“Malicious apps could be downloaded from the manufacturer’s app store. The TV does have the option for auto-updating, so releasing a legitimate app, then releasing a malicious update, is another attack vector,” a researcher said.“The devices contain microphones and cameras that can be utilised by applications, Skype and similar apps being good examples.”“The TV has a fairly large amount of storage, so would be able to hold more than 30 seconds of audio – we only captured short snippets for demonstrations purposes. A more sophisticated attack could store more audio locally and only upload it at certain times, or could even stream it directly to a server, bypassing the need to use any of the device’s storage.”Source Link to comment Share on other sites More sharing options...
Holmes Posted May 12, 2014 Share Posted May 12, 2014 Sorry we cant watch the news you didnt pay the bill no our tv is infected with malware I need to install avast on my tv. Makes me not want to get a smart tv I prefer a led threeD tv only anyway I dont need a smarttv unless I have no choice.. Link to comment Share on other sites More sharing options...
software182 Posted May 12, 2014 Share Posted May 12, 2014 (edited) Thank God I'm still using an 8-year-old TV :s Edited May 12, 2014 by software182 Link to comment Share on other sites More sharing options...
Recommended Posts