Saturday, February 15, 2025
HomeComputer SecurityHackers Compromised SmartTVs and Chromecast Devices To Promote PewDiePie YouTube Channel

Hackers Compromised SmartTVs and Chromecast Devices To Promote PewDiePie YouTube Channel

Published on

SIEM as a Service

Follow Us on Google News

Hackers hijacked thousands of publically available Chromecast/SmartTV/GoogleHome devices to remotely play video on the users device and urge users to subscribe for the channel.

The hacking campaign dubbed CastHack run by two hackers with online name HackerGiraffe and j3ws3r. The attack infected more than 3,000 TVs and forced to show PewDiePie message.

The attack targets the misconfigured routers that have UPnP service enabled and forwarding network traffic over ports 8008/8443/8009, these ports are used by the smart devices to connect with the Internet.

“If you came here because you’re a victim of #CastHack, then know that your Chromecast/SmartTV/GoogleHome is exposed to the public internet, and is leaking sensitive information related to your device and home,” HackerGiraffe/j3ws3r reads the page that stats page.

According to their initial Shodan scan, they found 123,141 exposed devices, the hackers set up a script that checks the IP is associated with, Google Home, SmartTV, or Chromecast devices then it renames the devices HACKED_SUBTOPEWDS and attempts to run a Youtube video.

HackerGiraffe said the best way to fix by disabling the UPnP on the router and to disable port forwarding with 8008/8443/8009.

https://youtu.be/SBtH_f8nwMQ

A Google Spokesperson said the users need to fix the issue by modifying the router settings and this is not an issue with Chromecast specifically.

The hacker duo is harmless “We just want to have a bit of fun while educating and protecting people from open devices like this case. Also, subscribe to PewDiePie on YouTube!”

They warned that if the vulnerability exploited by a malicious hacker they can remotely play media on your device, rename your device, factory reset or reboot the device, force it to forget all wifi networks, force it to pair to a new Bluetooth speaker/wifi point, and so on.

https://twitter.com/HackerGiraffe/status/1080390673541591040

The hackers already launched multiple campaigns last month, they hacked thousand of the printers worldwide to promote PewDiePie. In the second campaign 100,000 Printers Hacked Worldwide to promote PewDiePie YouTube Channel.

PewDiePie is the leader of the most subscribed youtube channel for more than a year now and an another Youtube channel from India called “T-Series” close to gain more number of subscribers than PewDiePie.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Fake BSOD Attack Launched via Malicious Python Script

A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick...

SocGholish Malware Dropped from Hacked Web Pages using Weaponized ZIP Files

A recent wave of cyberattacks leveraging the SocGholish malware framework has been observed using...

Lazarus Group Targets Developers Worldwide with New Malware Tactic

North Korea's Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign...

North Korean IT Workers Penetrate Global Firms to Install System Backdoors

In a concerning escalation of cyber threats, North Korean IT operatives have infiltrated global...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Cl0p Ransomware Hide Itself on Compromised Networks After Exfiltrate the Data

The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has...

Ratatouille Malware Bypass UAC Control & Exploits I2P Network to Launch Cyber Attacks

A newly discovered malware, dubbed "Ratatouille" (or I2PRAT), is raising alarms in the cybersecurity...

Beyond the Horizon: Assessing the Viability of Single-Bit Fault Injection Attacks

The realm of fault injection attacks has long intrigued researchers and security professionals.Among...