Monday, October 7, 2024
HomeCyber Security NewsMalicious HDMI Cables Steals Photos, Videos, and Location Data

Malicious HDMI Cables Steals Photos, Videos, and Location Data

Published on

John Bumstead, who works for a company called 404Media that fixes and sells used electronics, found an iPhone-to-HDMI adapter that seemed normal at first. However, the app that came with it was tricky because it asked users to scan a QR code.

This code leads to an ad-filled website, prompting downloads of an invasive app that requests various permissions, collects data, and sends it to China.

Bumstead tweeted about a spy-themed lightning cable, and unlike the HDMI adapter, this cable is a knockoff but resembles Apple’s design.

- Advertisement - EHA

MG, the researcher behind the malicious Lightning cables, included the risky adapter, anticipating users installing questionable apps.

Malicious activity
Malicious activity (Source – 404Media)

Technical analysis

The researcher used an old iPhone to connect the cord, which displayed a QR code and “LIVE TV” branding. Scanning it led to EZ Cast’s website, boasting over 10M users worldwide.

Check Point previously analyzed an insecure EZCast device, which could be easily brute-forced due to a weak 8-digit password. The company contacted EZCast in 2016 but received no response, indicating a lack of security considerations. 

The website displayed ads for a streaming service called ‘FANJESTIC,’ known for difficult cancellations, unrelated to the EZ Cast app obtained via the QR code.

The app requested location access and Privacy Policy acceptance from Actions Microelectronics Co., Ltd., outlining the collection of the following data:-

  • Email address
  • Use tracking cookies take location
  • Track favorite videos
  • Track videos watched
  • Track bookmarks
  • Track location Data
  • Track Sensor Data
  • Tracking Cookies Data
  • Installed Apps Data

The data collection aimed at targeted ads and required access to the Local Network, photos, settings, Bluetooth, and camera.

While fascinated by unusual cables and gadgets, the adapter’s significance is tied to the FTC’s Amazon lawsuit which highlighted the site navigation issues and spammy ads.

Malicious cords
Malicious cords (Source – 404Media)

Recyclers often acquire Amazon returns, including cables Bumstead collects from them. While not entirely certain it all comes from Amazon, recyclers have indicated so, as Amazon disposes of unsold FBA inventory.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Chinese Group Hacked US Court Wiretap Systems

Chinese hackers have infiltrated the networks of major U.S. broadband providers, gaining access to...

19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519

A critical vulnerability in Zimbra's postjournal service, identified as CVE-2024-45519, has left over 19,600...

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...

Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group

Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Chinese Group Hacked US Court Wiretap Systems

Chinese hackers have infiltrated the networks of major U.S. broadband providers, gaining access to...

19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519

A critical vulnerability in Zimbra's postjournal service, identified as CVE-2024-45519, has left over 19,600...

Prince Ransomware Hits UK and US via Royal Mail Phishing Scam

A new ransomware campaign targeting individuals and organizations in the UK and the US...