Monday, December 17, 2012

Is your TV Watching you? Security ALERT Over Samsung's Smart TV.


TV Owners that have the Plasma 8000 series, the 7500 LED LCD series, the 8000 LED LCD series or the 9000 LED  LCD series might want to know that HACKERS claim they can access to these TV's  

·         Security experts reveal they have been able to gain access to the device and scour its hard drives and connected drives for information

·         They claim to have 'complete root access' allowing them to install malicious software that could monitor its cameras and microphones

·         More and more devices that connect to the Internet are leaving unwitting consumers vulnerable to such hacking attacks

 Samsung's Smart TV could used by hackers to watch everything that happens in your living room by gaining access to the device's built-in camera and microphones, it has been claimed.

Malta-based security firm ReVuln posted a video showing how its researchers had learned to crack the television to access its settings - including any personal information stored on it.

'We can install malicious software to gain complete root access to the TV,' they claim in the video.

With such malware installed, hackers could use the Smart TV's built-in microphones and camera to hear and see everything in front of it.

Samsung's Smart TV can be used to browse the internet, use social networks, watch net-based commercial film streaming services and play online games, among other things, from the comfort of your sofa.

The devices can also be controlled by voice commands and gestures, using their microphones and cameras to detect what is happening in front of them.

However, while the Smart TV's are connected to the internet they are vulnerable to hackers who can access the device and access files stored on them.

Luigi Auriemma, co-founder of ReVuln, says he has found a way to track down the IP address of the device and gain access to seize control and scour any drives connected to it.

The video appears to show he is able to access remote files and information like the viewing history, as well as siphon data from USB drives attached to a compromised set.

Mr Auriemma told Ars Technica: 'At this point the attacker has complete control over the device.

Devices from lighting systems to air conditioners to computer games consoles now rely on online functionality, but their operating systems often do not have the same kinds of security measures now commonly deployed on Microsoft and Apple powered devices.

At the moment, ReVuln's exploit only works once hackers have managed to breach the network which the television is connected to. As such, Mr Auriemma told NBC News, he expects the main danger is of hackers targeting specific companies or individuals.

'In our opinion, it’s more interesting and realistic to think about attacks [against] specific targets reached via open/weak/hacked Wi-Fi or compromised computers of a network, instead of mass-exploiting via the Internet,' he said.

'That’s interesting due to the effects of the vulnerability (retrieving information and the possibility of monitoring) which are perfect for targeted attacks, from a specific person with a TV at home to a company with TVs in its offices.'

Revuln plans to sell information on the vulnerabilities to the highest bidder, the Register reported, claiming this will 'speed up' fixes faster than merely reporting them to the manufacturer.

The company would not go into details about the flaws it has discovered.

The possibilities of such vulnerabilities are worrying with increasing numbers of consumer electronics devices being equipped with sensors, cameras and microphones to detect what is happening around them.

A spokesman for Samsung said: 'We have discovered that only in extremely unusual circumstances a connectivity issue arises between Samsung Smart TV’s released in 2011 and other connected devices. We assure our customers that our Smart TVs are safe to use.

'We will release a previously scheduled software patch in January 2013 to further strengthen Smart TV security. We recommend our customers to use encrypted wireless access points, when using connected devices.'

The simple fix is not a patch which will also be hacked but a webcam cover that fits the Samsung Smart TV product line.  These webcam covers can be purchased at C-SLIDE.



No comments:

Post a Comment