Security researchers at Avast have hacked a Vizio smart TV and gained access to the WiFi network the device connects to, exposing a weakness in the Internet of Things (IoT) with a basic ‘Man in the Middle’ (MITM) attack.
Avast researchers said their aim was to “show just how much a regular person can be affected by vulnerabilities within a smart device.”
They experimented with a few different attacks, including a simulated MITM, the injection of an SSID, and the decoding of the device’s binary stream.
“In the end, we found that the smart TV we were inspecting actually broadcast fingerprints of users’ activities, whether they agreed to the device’s privacy policy and terms of services when first setting it up,” they said in a blog post.
Gaining control of a WiFi network via a Smart TV attack could be accomplished by hijacking DNS and serving malicious control data to the TV. “As the TV calls out to a control server by default and does not verify the authenticity of the control server, it allows an attacker in without the need for any incoming ports to be opened,” the researchers explained.
How much do you know about IoT? Take our quiz!
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…
Elon Musk firm touts cheaper EV models, as profits slump over 50 percent in the…
Bad news for Tim Cook, as Counterpoint records 19 percent fall in iPhone sales in…