IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Smart TVs vulnerable to "red button" hacking

Radio attack could use flaw in software to hijack TVs

Hacking

Intenet-connected or Smart TVs could be vulnerable to drive-by hacking attempts, according to researchers.

The so-called "red button attack" uses a man-in-the-middle exploit to intercept a digital television signal rather that IP-based data.

By transmitting data packets over the airwaves, malicious code can be sent to these televisions. Once exploited by hackers, these devices can then be made to send messages by hackers, find other vulnerable devices on a home network or even launch attacks across the internet.

Yossef Oren and Angelos Keromytis, from the Network Security Lab at Columbia University, warned that finding and preventing such attacks would be difficult.

In a research paper published by the pair, such an attack could be carried out using an inexpensive antenna and carefully constructed broadcast messages.

"For this attack you do not need an internet address, you do not need a server," Mr Oren told Forbes. "You just need a roof and an antenna and once you are done with your attack, there's completely no trace of you."

The hack works be using the Hybrid Broadcast Broadband TV (HbbTV) standard, widely used in European smart TVs. The technology is used in sets that provide TV via digital terrestrial broadcasts and via broadband.

The attack could then do anything the owner was able to do. The researchers said if a TV owner was logged into Facebook, the attackers could also post messages to the social network.

The researchers also detailed in the paper how the flaw could be used to DoS a website.

Oren said that in built up areas a cheap antenna could hack hundreds of TVs. A bigger antenna could hit thousands.

"The attacks described in this paper are of high significance, not only because of the very large amount of devices which are vulnerable to them, but because they exemplify the complexity of securing systems-of-systems which combine both internet and non-internet interfaces," they added.

"Similar cyber-physical systems will become increasingly more prevalent in the future Internet of Things, making it especially important to analyse the weaknesses in this system, as well as the limitations of its proposed countermeasures."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021
FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Samsung proposes 11 Texas semiconductor plants worth $191 billion
Hardware

Samsung proposes 11 Texas semiconductor plants worth $191 billion

21 Jul 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022