Samsung Smart TVs Vulnerable over the Internet

Attackers can exploit apps on Samsung's connected TVs to spy on the owner remotely via webcam and microphone, as Aaron Grattafiori and Josh Yavor demonstrated at the IT security conference Black Hat. Unlike the attack documented in March, potential attackers do not need access to the TV, according to the presentation of the two researchers: they analyzed the freely available firmware files.

Web applications such as Skype and Facebook, which are preinstalled on every Samsung smart TV, can serve as the gateway. According to the security experts, Samsung developed the apps from existing HTML and JavaScript code on the basis of program code supplied by the software manufacturers, and apparently made mistakes in doing so.

[Image: Samsung smart TV. Image: manufacturer]

Until recently, the shipped version of Skype, for example, contained several command injection vulnerabilities. An attacker who is on the friends list of the Skype user logged in on the TV can place JavaScript code in a status message, which the Skype app then processes. As a result, the attacker can, for example, read the Skype user name and password of the TV owner. Since Skype also has access to the camera and microphone API, monitoring the living room from a distance is also feasible by this route, according to Grattafiori and Yavor. By modifying the app via script, an attacker can even gain access that survives a restart of the device.
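As an added example (not code from the article, from Samsung or from the researchers), the following JavaScript shows the rendering defect described above in miniature: a friend's status message spliced straight into the app's HTML, beside the same entry with the untrusted text escaped, plus a review-time check for foreign markup. The friend record, the status text and all function names are constructed for this illustration.

```javascript
// Added example, not the TV app's real code: a friend-list entry rendered
// two ways. The friend record below is constructed; its status text is the
// attacker-controlled field, since a friend can set it to anything.
const CONSTRUCTED_FRIEND = {
  name: 'friend01',
  status: 'hi <img src="x" onerror="/* any script placed here runs */">',
};

// Vulnerable pattern: untrusted text spliced straight into markup. Handing
// this string to element.innerHTML in a privileged app context runs the
// inline handler with the app's API access (camera, microphone, settings).
function buildFriendEntryUnsafe(friend) {
  return `<li class="friend"><b>${friend.name}</b>: ${friend.status}</li>`;
}

// Escape the five characters that let text break out of an HTML text node
// or attribute value, so the status is displayed rather than interpreted.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened pattern: every untrusted field is escaped before it touches
// markup. The DOM equivalent is element.textContent instead of innerHTML.
function buildFriendEntrySafe(friend) {
  return `<li class="friend"><b>${escapeHtml(friend.name)}</b>: ${escapeHtml(friend.status)}</li>`;
}

// Review-time check: after removing the tags our own template emits, does
// any other tag remain? A correct renderer leaves none.
function containsForeignMarkup(html) {
  const ownTags = /<\/?(li|b)(\s[^>]*)?>/g;
  return /<[a-z!\/]/i.test(html.replace(ownTags, ''));
}

console.log('unsafe:', buildFriendEntryUnsafe(CONSTRUCTED_FRIEND));
console.log('safe:  ', buildFriendEntrySafe(CONSTRUCTED_FRIEND));
console.log('unsafe leaks markup:', containsForeignMarkup(buildFriendEntryUnsafe(CONSTRUCTED_FRIEND)));
console.log('safe leaks markup:  ', containsForeignMarkup(buildFriendEntrySafe(CONSTRUCTED_FRIEND)));
```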

The WebKit-based browser of the smart TVs can also be abused. In this case, the JavaScript code needed for the attack arrives via the URL of the requested page. It is enough to lure the user to a website controlled by the attacker in order to change various settings of the TV in a classic drive-by attack. According to the security experts, it is possible, for example, to override the DNS server entry. Users could then silently land on a phishing site instead of the intended original: Samsung's customized WebKit version does not seem to verify TLS certificates and therefore displays no error message when the certificate presented by the phishing server does not match the requested URL.

The browser also has access to the API needed to control the TV hardware, so an attacker can abuse the camera by this route as well and transfer its recordings to the outside, either as a video stream or as single images.

According to Grattafiori and Yavor, it is possible to modify the files of the above-mentioned gateway apps and of the other apps installed on the TV so that they carry attack code.

The hackers informed Samsung about the vulnerabilities earlier this year. The manufacturer has since released updates for these apps. It is currently unclear whether these are available for all affected TV models or whether Samsung has possibly only taken care of the 2012 model used by the hackers.

http://www.heise.de