As mentioned earlier, security people I’m following and talking to have mostly dismissed that Chromecast + UPnP was to blame for yesterday’s “Chromecast hack” as Chromecast/Home/etc don’t really use UPnP for anything useful.
TL;DR – UPnP isn’t blameless, but Google may be.
One issue is that Chromecasts (just going to call all affected devices Chromecast for this article,) are consumer products and once you’re in-network you’re not really dealing with a secure device. NAT and WiFi are your security.
From inside your network I can rename, cast, reboot, make a Home device talk, etc. This is by design. This only works if you’re in the person’s network. There’s a list of what you can make a Chromecast do. I don’t have it at 12:30am. Sorry.
That’s what it appears actually happened. Hackers got in your network through cheap router exploits. The Chromecast / smart TV / speakers / etc were just there as a display device. The hackers previously did about the same thing and printed out documents detailing how people’s printers were open and accessible because of router shittiness.
This time they renamed the Chromecasts, initiated a video stream, blamed Google, promoted that YouTube dude, and moved on.
The issue here is they were in the affected people’s network. They blamed Chromecast and your smart TV as opposed to blaming your craptastic router (or perhaps they did, web page detailing the thing is down at the moment, so all I can see is the images and Verge article blaming Google,) they just rolled up into and exploited a bad UPnP daemon, hopped into the network, found the cast devices, renamed, started a video stream, and bam.
UPnP isn’t supposed to let the outside world barge in unannounced. This is where the crappy part of crappy routers come into play. Update that router’s firmware yet? Do you think many of the hacked people would ever have? Change the default admin password?
On the Verge article there’s a quote from the hackers that CastHack was meant to remind Google of security flaws.
It appears the flaws are you’re putting a pretty open device behind something someone picked up at Walmart for $29 and is using as a router.
Disabling UPnP did the trick on some routers, on some changing the default admin password would be required, on some a hammer might need applied, you get the drill.
But yes, I’m up past midnight posting that this doesn’t appear to have been a Google hack, more like cheapest router hack.
OK, so I love to source stuff, it’s midnight, I’ve got a cold, I’m going to thank some people in various forums, IRC, and post some twitter links and hit bed.
Two Twitter quotes (SwiftOnSecurity,) that sum up everything above:
Going by The Verge’s picture above, and what I’ve read, the Chromecast/Smart TV are indeed exposed (because router is garbage) and most likely the TV and Chromecast are not exposing any information about you, your router yes.
Powered by WPeMatico
Yeah, I will have to disappear. Most probably for good this time. Who knows? Maybe I’ll appear in 2 weeks on this same account again. No matter how much I write, I can’t describe to you the mental stress and panic I’m going through right now. But I won’t complain about that, because people will say I brought this on myself, I did those “hacks”, I deserve the consequences. But I’m a human too, don’t just throw away all my emotions because of my “hacker” personality. I don’t deserve to be thrown under a bus for wanting to help people, but I guess that will put a smile on some people’s faces.
But I will say this. There are still so many devices exposed to the public internet. Routers with default passwords, telnet servers with bruteforcable passwords, open UPnP servers (GOD DAMN UPNP WILL BE THE DEATH OF US ALL), open SMB printers, freaking LGTV/Samsung/Sony TVs, so forth and so forth. I had a huge list of next targets, some even with ready PoCs and code. I guess that’s all dead now.
Please secure your devices. My intentions behind this were to stop this from becoming a global outbreak, and I know many of you will not believe that such a pure intention exists, but picture your family being hacked. Would you enjoy it? Would you feel rested knowing there was something you could have done to prevent their Chromecast playing NSFW material or their printer printing infinite black pages till the toner ran out? No, I don’t think so. So I did what I believed in, what I felt like was my responsibility, and ran harmless “hacks” that would hopefully alert the world to fix their devices. If I’m really about to be hit with trials for what I did, then at least I know I helped the world be a little safer, and what I did will hopefully raise awareness in a lot of people’s eyes.
I cannot express the joy I felt after seeing the number of open UPnP devices go down on Shodan. Or when people were genuinely DMing me thanking me for helping them secure their office building of over 50 printers. It felt like the power I had was being put to good use, and I was helping the world become a better place with the skills I had. Why not have some fun while I’m at it? The whole TSeries vs PewDiePie has been hilarious so far and pretty cool if I’m honest. Seeing a community come together like that, it’s pretty cool.
Pewds, I’m sorry for the media attention this has brought your way. I genuinely love and enjoy your content, been watching for a seriously long time now. Back when barrels and Fridays with PewDiePie were still a thing. I love your attitude with media, your fans, and your genuine sense of humor. If people can’t understand sarcasm and humor, that’s on them, not you. (inb4 I get called a Nazi as well), oh and tell Poppy Harlow I said Hi.
Also Pyrocynical you idiot I tagged you a million times to notice me but you didn’t you unfunny brit (jk I binge watch your content with friends ily).
What am I going to do now? I don’t know. I’m scared. I’m genuinely afraid and panicked. I can’t even look at a terminal or code editor right now, it’s almost like PTSD. Not just because of the law enforcement issue, but those DMs spooked me. I don’t know why they’re getting to me, but they are. I don’t know if I will even be able to sleep tonight. I’ll try to stay strong friends, I really will. The internet never forgets, but people do. I’ll be an old story in about a month from now. Up to you to unfollow or not. Under no circumstances should anyone be exposed to this kind of harassment or abuse. Even if you disagree with me and what I did. I’m still a human, I have feelings and emotions too. I’m not heartless.
To all my patrons and those who wanted to learn cybersec, the only thing I can leave you with is this: https://ghostbin.com/paste/vb4o6
Please use it responsibly. I’m begging you, be safe.
Also since I won’t be logging in anymore, can you guys recommend some nice happy romance animes (again I know) on #AnimeForHackerGiraffe? Don’t spam the replies in the tweet, please.
I wish you all the best, and to anyone I offended with the PrinterHack/PrinterHack2 and CastHack, I sincerely apologize. I was only trying to help you. It was never my intention to make you feel attacked or vulnerable or even forced to subscribe to PewDiePie.
Thank you for the laughs, for the support, for the ideas, for the good times, and for the memes. Love you all. I’ll be watching, keep up those #HackerGiraffe memes. Keep fighting the good fight, and subscribe to PewDiePie. Peace.
Shoutout to all my hacking/infosec heroes: @HackerFantastic @HackingDave @MalwareTechBlog @thegrugq @x0rz @PythonResponder @Snowden
Shoutout to the coolest hacker friends: @j3ws3r @friendlyh4xx0r
Complete stats for #CastHack: https://imagebin.ca/v/4SGxlZgtwz6O
Powered by WPeMatico
- Bruce Sterling’s State of the World — this year’s guest, James Bridle. It’s quite clear that many things being currently constructed, from large-scale capitalist enterprises to social media timelines to microinteractions on smartphone apps, are specifically designed as attacks on our ability to think clearly and act autonomously: “the race to the bottom of the brain stem,” as Tristan Harris puts it. What you’re feeling is not some weird emergent effect of too much screen time: it’s deliberate. (via BoingBoing)
- Flair — very simple framework for state-of-the-art NLP. Multilingual, built on PyTorch.
- Towards a Human Artificial Intelligence for Human Development — Sandy Pentland was a co-author, so it caught my eye. This paper discusses the possibility of applying the key principles and tools of current artificial intelligence (AI) to design future human systems in ways that could make them more efficient, fair, responsive, and inclusive.
- TS100 — new open source firmware for your soldering iron. You had me at “soldering iron with flashable firmware”…
Powered by WPeMatico
A roundup of the most popular Gaming mice on Amazon for under $20! Gaming Monitors, Keyboards and Headsets coming next!
►RGB Mousepads Under $30: http://bit.ly/2GV9ewb
Logitech G300s: https://amzn.to/2VqQR5C
Redragon M601: https://amzn.to/2SDYTGA
Hiraliy F300: https://amzn.to/2GPx4JB
Redragon M711 Cobra: https://amzn.to/2VpdCXo
Redragon M602: https://amzn.to/2BZb4X0
Pictek #1: https://amzn.to/2BUvbWt
Pictek #2: https://amzn.to/2s2bgR0
Logitech G300s: https://amzn.to/2BVhFC2
Redragon M601: https://amzn.to/2ArcTwi
Hiraliy F300: https://amzn.to/2BUEPbM
Redragon M711 Cobra: https://amzn.to/2AtGk0C
Redragon M602: https://amzn.to/2C7upFV
Pictek #1: https://amzn.to/2AsmBhD
Pictek #2: https://amzn.to/2VrMsz5
Logitech G300s: https://amzn.to/2BWeNEX
Redragon M601: https://amzn.to/2VtDZvF
Hiraliy F300: https://amzn.to/2AqgTgo
Redragon M711 Cobra: https://amzn.to/2CMDtkU
Redragon M602: https://amzn.to/2RsnHUn
Pictek #1: https://amzn.to/2BSuZH6
Pictek #2: https://amzn.to/2GSRpho
Powered by WPeMatico
The British Ministry of Defense has confirmed that the “military capability” it had deployed to prevent illegal drone flights at Gatwick airport has been withdrawn. “The Armed Forces stand ever-ready to assist should a request for support be received,” the MoD added in a statement.
Gatwick was brought to a virtual standstill between the 19th and 21st of December when several drones were spotted above the airfield. Roughly 1,000 flights were suspended and tens of thousands of passengers were affected while police searched for the drones’ pilots. The U.K.’s aviation minister said that the culprits could face up to five years behind bars if caught and convicted.
A Gatwick spokesperson insisted the airport would be just as well protected against drones now that the military had left: “We have invested several million pounds to ensure that we are equipped to the level of security that was provided by the armed forces. We can’t go into any more detail about what that equipment is, but a range of measures are in place”.
But according to the Associated Press, an Israeli technology company has said its anti-drone system has drawn major interest in the weeks since the incident at Gatwick. Skylock, the company that manufactures the technology, is one of many now specializing in detecting and downing intruder drones by “jamming” them, or disrupting their frequencies.
Product manager Asaf Lebovitz said the company, which emerged to target militant drone use in Syria, has shifted focus to commercial applications and has been approached by airports in North America and Europe. Noam Milstein, drone operations chief for Israel’s Civil Aviation Authority, said such systems are “obviously becoming crucial to prevent drone incursions from those who don’t care about the regulations in place.”
Chief Constable Giles York of Sussex Police said last week that police had received 115 reports of sightings in the area, including 93 that had been confirmed as coming from “credible people” including a pilot and airport staff.
But the culprits remain at large. Two people – Paul Gait and Elaine Kirk – were arrested on Dec. 23, but later released without charge. The couple told Sky News they felt “completely violated” by the subsequent intrusion into their lives.
The following day, a senior Sussex police officer added to the state of confusion when he suggested that there might not have ever been any drones over Gatwick at all – though his comments were later dismissed as a “miscommunication”.
With no reliable information forthcoming, disgruntled passengers took to Twitter to vent their dismay.
Others – namely, those who were in no way affected by the travel chaos – saw the funnier side of things.
Powered by WPeMatico