Two weeks ago, an advert for YouTuber PewDiePie appeared in a Wall Street Journal publication thanks to a hacker. Now, it appears that hackers have struck again, this time taking over thousands of Chromecasts, Google Home devices, and smart TVs in order to display a PewDiePie advertisement.
As previously reported by the Inquisitr, a page associated with the Wall Street Journal was hacked and showed the following message.
“Wall Street Journal would like to apologize to PewDiePie. Due to misrepresentation by our journalists, those of whom have now been fired, we are sponsoring PewDiePie to reach maximum subscribers and beat Tseries to 80million. We also need your credit card number, expiry date, and the lucky 3 digits on the back to win the chicken dinner in Fortnite.”
The advert also showed a link to PewDiePie’s YouTube channel and was believed to be posted due, in part, to the Wall Street’s Journal‘s coverage on PewDiePie’s recent anti-semitic slurs.
At the time, Wired had reported that the hacker involved said they were involved with an “army” of hackers that were sympathetic to PewDiePie, which is the moniker for the Swedish-born, Felix Kjellberg. The new advert states that the message has come from a hacker known as “HackerGiraffe.”
The new PewDiePie advert has used device vulnerability to being hacked to promote the YouTuber’s channel.
Hackers are forcing smart TVs, Chromecasts to promote PewDiePie Social Media https://t.co/VNGKY3cfZ1 #IoT #smarttv #smarthome #hacked #pewdiepie #CyberSecurity #infosec #socialmedia #CyberSecurity #infosec— Bob Carver (@cybersecboardrm) January 2, 2019
“Your Chromecast/Smart TV is exposed to the public internet and is exposing sensitive information about you!” the message displayed in the advert reads.
“To find out more about what to do and how to fix this, visit [website link redacted] for more information. You should also subscribe to PewDiePie.”
According to CNet, the hacker involved with the latest PewDiePie advert has used this vulnerability to help promote PewDiePie’s channel as well as for the memes associated with the YouTuber. He also stated that they would like to draw awareness to the vulnerability of the devices he hacked.
“Honestly, it’s just for the memes,” HackerGiraffe told CNET. “I like PewDiePie, and so why not?”
For those who haven’t been keeping up to date regarding PewDiePie’s recent spate of hacked adverts, the request to subscribe to his channel is now a well-known meme after a Bollywood music label, T-Series, almost beat PewDiePie to the top place regarding YouTube subscribers. Since then, PewDiePie has maintained his lead on T-Series, in part, thanks to the spate of hacked adverts asking people to subscribe to his YouTube channel.
HackerGiraffe also released details on how they managed to infiltrate the devices. Searching for devices that use the commonly accessed open ports 8008 and 8443, the hacker took over the devices.
#CastHack/#ChromecastHack right now on my server, here is what happens:— TheHackerGiraffe ???? (@HackerGiraffe) January 2, 2019
1. Script checks if the IP is a Google Home, SmartTV, or Chromecast
2. Renames device to HACKED_SUB2PEWDS_#
3. Attempts to play the YouTube video I'm preparing
More info soon.
As for what to do if your device has been hacked, Chromecast released the following statement on the matter.
“This is not an issue with Chromecast specifically, but is rather the result of router settings that make smart devices, including Chromecast, publicly reachable.”
The spokesperson also said that users could fix the problem by resetting their router settings on their device and issued the following instructions to Variety.
“To restrict the ability for external videos to be played on their devices, users can turn off Universal Plug and Play (UPnP). Please note that turning off UPnP may disable some devices (e.g. printers, game consoles, etc.) that depend on it for local device discovery.”
According to CNET, the script has been running since 5 a.m. PT and has already “hijacked more than 5,500 devices.”
PewDiePie has not publically spoken to media outlets about the incident. However, he did reply to HackerGiraffe via his official Twitter account and told the hacker that he was “doing gods work.”