Hackers Can Get Into Your Smart TV
December 13, 2012

Internet-connected Samsung TVs Vulnerable To Hackers

redOrbit Staff & Wire Reports - Your Universe Online

Samsung Smart TVs connected to the Internet are vulnerable to exploits by remote hackers, security researchers said on Wednesday.

Luigi Auriemma, a researcher with Malta-based security firm ReVuln, uncovered the vulnerability, which exists in most Samsung models but particularly the Samsung TV LED 3D.

The flaw makes it easy for hackers to locate the television´s IP address on the Internet, which can then be used to remotely access the device and gain the same level of control as someone sitting right next to the TV.

Once a hacker has remote access, they could then steal data or install malicious code on the TV, Auriemma said.

The hack exploits bugs in features that allow Samsung TV owners to install Skype, Pandora, and other types of apps on their devices.

Auriemma released a demonstration video showing how a "vulnerability for such devices can be used to retrieve sensitive information, monitor and root the device.”

These exploits allow a hacker to access remote files and information (including viewing history), as well as steal data on USB drives attached to the compromised TV.

"This specific vulnerability affects almost all the Samsung televisions of the latest generations, so multiple models," Auriemma told The Register.

"We plan to invest more time and effort on the home devices security in the near future testing the products of many other vendors (we chose Samsung because it's the current market leader in this sector) and moreover finding new types of attacks and ways to use such vulnerabilities. The televisions are just the beginning.”

ReVuln says it won´t disclose any additional details about the flaw, but will sell information about the vulnerability rather than report them to equipment manufacturers, in order to accelerate the development of a fix.

Security vulnerabilities, such as the one Auriemma uncovered, in advanced televisions have drawn serious interest in recent months.

In January, Adam Gowdiak of Polish security research start-up Security Explorations exposed a potential method for infecting set-top boxes with malware. The attack allowed hackers to either steal or share a satellite signal from a pay-TV subscriber.

The same mechanism could be used to capture high-definition content for later distribution over the Web.

Gowdiak presented the details about the vulnerability at the Hack In The Box Security Conference in May, and has since developed proof-of-concept malware showing how to defeat the Conax conditional access system -- the cryptographic technology aimed at preventing this type of attack.

Security Explorations said all four satellite receivers (ITI5800S, ITI5800SX, ITI2850ST, ITI2849ST) tested in its lab, each manufactured by Advanced Digital Broadcast for ITI Neovision, are allegedly vulnerable, The Register reported.

Each implements Conax conditional access using a security feature known as chipset pairing. Security Explorations said all of the vulnerabilities it uncovered centered on flaws in this mechanism.

Unlike ReVuln, Security Explorations notified the parties that either supplied or used the affected technology.

Set-top boxes and smart TVs are typically thought to be impervious to hackers, but in reality, televisions are becoming more and more like PCs and other devices in terms of their security vulnerability.

ARS Technica reported that the vulnerability discovered by Auriemma does not exist for TVs behind a router that uses network address translation, although it might be possible to use exploits based on IPv6 to bypass that protection.