A new hack is urging you to sub to PewDiePie, this time on smart TVs and Chromecasts
Smart devices aren’t all that smart, eh?
Did your printer suddenly spew out a piece of paper telling you to subscribe to PewDiePie last month? Or maybe you saw the hacked Wall Street Journal-affiliated site which also urged you to subscribe to the Scandinavian edgelord in his long-running feud with Bollywood-music-posting channel, T-Series?
Well, the hacker from the printer hack is back again, with the same message of obedience to Pewds but with a new venue – your Chromecasts and smart TVs.
More about the hack
Over 5,500 Chromecasts, smart TVs, and Google Home devices had been pressed into campaigning for the YouTube star by Wednesday morning, a small fraction of the actual number of smart devices that are seemingly open to the internet with no protection.
That’s a pretty gaping security hole for anyone, presumably in the name of ease-of-use (or just simple laziness) on the part of the manufacturers.
According to the (ethical – his words, not mine) hacker, the list of things that a malicious actor could do on a Chromecast is pretty scary. From the humble streaming device, the attacker could find out your WiFi details, discover nearby Bluetooth devices, install updates (with malware attached), and then pivot to other devices in your home with those details.
What happens if your network is vulnerable
If your network is vulnerable, your Chromecast will start playing the below video, with a message saying: “Your Chromecast/Smart TV is exposed to the public internet and is exposing sensitive information about you!” It then goes on to instruct you to sub to PewDiePie, as if that will do anything about your shitty security situation.
The end of the video has a link to CastHack, an informational site put up by the hacker to explain why and how the attack works and how to prevent it from happening again.
As I was writing this, Google apparently pushed out a stopgap measure that stops the playing of YouTube videos via the HTTP API. While that seems to stop the attack, really it’s only stopping the payload – the actual attack is still functional.
You can protect yourself by going into your router’s settings, turning off Universal Plug and Play (UPnP) and preventing network traffic being forwarded to ports 8008, 8443, and 8009.
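If you want to check what your router has already forwarded before (or after) turning UPnP off, here is one way to do it. This is an added example, not something from the hacker or from CastHack: it assumes you have a port-mapping listing in the format printed by miniupnpc's `upnpc -l`, and the sample listing, addresses and function names are made up for illustration.

```python
import re

# Ports the article says should not have traffic forwarded to them.
CAST_PORTS = {8008, 8009, 8443}

# Constructed sample, modelled on the port-mapping table printed by
# miniupnpc's `upnpc -l` (addresses and descriptions are made up).
SAMPLE_LISTING = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP  8008->192.168.1.23:8008  'Chromecast' '' 0
 1 UDP 51413->192.168.1.10:51413 'Transmission' '' 0
 2 TCP 18009->192.168.1.23:8009  'libminiupnpc' '' 3600
 3 TCP  8443->192.168.1.40:443   'NAS web UI' '' 0
"""

MAPPING_RE = re.compile(
    r"^\s*\d+\s+(?P<proto>TCP|UDP)\s+(?P<ext>\d+)->"
    r"(?P<host>\d{1,3}(?:\.\d{1,3}){3}):(?P<int>\d+)\s+'(?P<desc>[^']*)'"
)

def parse_mappings(listing):
    """Return one dict per port-mapping row; the header line is skipped."""
    rows = []
    for line in listing.splitlines():
        m = MAPPING_RE.match(line)
        if m:
            rows.append({
                "proto": m["proto"],
                "external_port": int(m["ext"]),
                "internal_host": m["host"],
                "internal_port": int(m["int"]),
                "description": m["desc"],
            })
    return rows

def exposed_cast_mappings(listing, ports=CAST_PORTS):
    """Flag forwards whose *internal* port is one of the listed ports.

    Checking the internal side catches a forward that uses a different
    external port (row 2) and skips one that only reuses 8443 on the
    outside for an unrelated service (row 3).
    """
    return [r for r in parse_mappings(listing) if r["internal_port"] in ports]

if __name__ == "__main__":
    for r in exposed_cast_mappings(SAMPLE_LISTING):
        print(f"remove forward: WAN {r['external_port']} -> "
              f"{r['internal_host']}:{r['internal_port']} ({r['description']})")
```

Anything it flags is a forward to delete in the router's settings; an empty result only tells you about UPnP-created mappings, not about forwards someone added by hand.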
A Google spokesperson gave a pretty weak statement to c|net, stating that: “This is not an issue with Chromecast specifically, but is rather the result of router settings that make smart devices, including Chromecast, publicly reachable.”
Isn’t part of the blame on Google for letting the devices be in an internet-reachable state by default? I imagine this is just a preliminary statement where Google will actually do something about the attack vector in the future. That still won’t stop other Internet-reachable devices from being similarly attacked though, so you might want to block those ports in your router anyway.