Security researchers at Avast have hacked a Vizio smart TV and gained access to the WiFi network the device connects to, exposing a weakness in the Internet of Things (IoT) with a basic ‘Man in the Middle’ (MITM) attack.
Avast researchers said their aim was to “show just how much a regular person can be affected by vulnerabilities within a smart device.”
They experimented with a few different attacks, including a simulated MITM, the injection of an SSID, and the decoding of the device’s binary stream.
“In the end, we found that the smart TV we were inspecting actually broadcast fingerprints of users’ activities, whether they agreed to the device’s privacy policy and terms of services when first setting it up,” they said in a blog post.
Gaining control of a WiFi network via a Smart TV attack could be accomplished by hijacking DNS and serving malicious control data to the TV. “As the TV calls out to a control server by default and does not verify the authenticity of the control server, it allows an attacker in without the need for any incoming ports to be opened,” the researchers explained.
How much do you know about IoT? Take our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…