Security researchers have found a weakness in Samsung’s Linux-based Smart TV software which could potentially give a hacker complete access to someone’s television.
According to NBC News, the Smart TV’s software weakness could give hackers access to every file on the television, any connected USB drive, and even the TV’s built-in camera and microphone. So potentially, you could wind up being the star of a hacker’s voyeur session and not even know it.
ReVuln, a Malta-based firm that specializes in “vulnerability research for offensive and defensive security,” gave a demonstration on how one could hack the TVs remotely from anywhere on that TV’s network.
Revuln posted a video on December 8 showing the team gaining access to TV settings, channel lists, widgets, USB drives connected to the TV (including the personal files that they contained), and remote control configurations.
The video said, “We can install malicious software to gain complete root access to the TV.”
When asked about the weakness in the Smart TV, Samsung told NBC News:
“Samsung takes the security of our products very seriously. We are currently investigating the matter and will take appropriate actions, to the extent necessary.”
NBC News recently reached out to Revuln. In an email, Luigi Auriemma, the firm’s co-founder, explained the significance of his firm’s discovery. He wrote:
“The vulnerability is exploitable remotely via network so the attacker needs to reach the TV IP address. In our opinion it’s more interesting and realistic to think about attacks [against] specific targets reached via open/weak/hacked Wi-Fi or compromised computers of a network, instead of mass-exploiting via the Internet. That’s interesting due to the effects of the vulnerability (retrieving information and the possibility of monitoring) which are perfect for targeted attacks, from a specific person with a TV at home to a company with TVs in its offices.”
There is a limitation on who can gain access to your Smart TV though.
It looks like the potential hacker has to be connected to the local network on Wi-Fi or plugged into the network via an Ethernet cable.
So, a good piece of advice?
Keep an eye on your network protection and make sure that it is secure. You don’t want a neighborhood kid that’s good with computers to know what you do in your personal time. Do you?