Earlier in the week, three ethical hackers, in their bid to check the security of the Chromecast, hacked the media streaming device to play PewDiePie videos and also took control of Google Home smart speakers and smart TVs.
Initially, Google was falsely blamed for failing to fix the CastHack bug, which was first noticed by Petro, a senior security analyst at the consultancy Bishop Fox in 2014, just a year after the Chromecast's debut. He made a remote using Raspberry Pi computer chip, two wireless card, a touchscreen and all assembled in a 3D-printed plastic enclosure.
With the home-made gadget, he was able to send a 'Deauth' command to Chromecast to disconnect from the Wi-Fi network. When the Chromecast reboots, it gets in reconfiguration mode by turning itself into a Wi-Fi hotspot and waits for local computer or any nearby internet connected device for commands. Then the hacker can control the Chromecast thereby play any content on the TV. It was Petro's method to prank his friends.
It can be noted that to send 'Deauth' command, the hacker has to be in physical proximity of the Chromecast (at least 100 feet) and have an AP (Application Programm) installed to re-direct the Chromecast. Most importantly, network passwords are not exposed in either case.
Google spokesperson has confirmed to International Business Times India Edition, that it is working on an update to prevent deauth attacks. So, consumers are advised not to be apprehensive in using or buying the Chromecast.
So, how the hackers (TheHackerGiraffe, j3ws3r and @friendlyh4xx0r) took control of the Chromecast, earlier this week? Well, it has now come to light that they actually made use of security loophole in Wi-Fi routers, which the Chromecast connects wirelessly via Universal Plug and Play (UPnP) protocol.
There is a solution to protect Chromecast from such attacks. To restrict the ability for external videos to be played on devices, users can turn off Universal Plug and Play (UPnP). It can be noted that turning off UPnP may disable some devices (e.g. printers, game consoles, etc.) that depend on it for local device discovery.
Here's how to disable Universal Plug and Play (UPnP) on D-Link router:
- Open a web browser and type the IP address of the wireless router in the address bar (default: 192.168.0.1). Press Enter.
- The default username is admin (all lowercase) and the password field should be left blank. Click OK.
- Go to the ADVANCED tab, then click on ADVANCED NETWORK
- Under the UPNP heading, tick the box labelled Disable UPnP
- Click Save Settings to apply the new settings
Here's how to disable Universal Plug and Play (UPnP) on Netgear router:
- Launch a web browser from a computer or mobile device that is connected to your router's network.
- Type http://www.routerlogin.net.
A login window opens. - Enter the router username and password.
The username is the admin. The default password is password. The username and password are case-sensitive.
The BASIC Home page displays. - Select ADVANCED > Advanced Setup > UPnP.
The UPnP page displays. - Select or clear the Turn UPnP On checkbox.
By default, this check box is selected. UPnP for automatic device configuration can be enabled or disabled. If the Turn UPnP On check box is cleared, the router does not allow any device to automatically control router resources, such as port forwarding.
Here's how to disable Universal Plug and Play (UPnP) on Linksys router:
Step 1: Access the router's web-based setup page. For instructions, click here.
NOTE: If you are using a Mac computer, click here.
Step 2: On the web-based setup page, click Administration.
Step 3: Select your desired setting for UPnP (To protect Chromecast, tap disable).
