View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data
January 3, 2019

TheHackerGiraffe Strikes Again Forcing Chromecast Devices to Play Video

When they started the attack the hackers managed to play the video on 2000 devices using ports 8008/8443

By CBR Staff Writer

A hacker has identify 123,000 vulnerable devices online and has forced 65,183 devices  using Chromecast and Google Home, including smart TVs, to play a video promoting a YouTube celebrity’s channel.

TheHackerGiraffe has claimed responsibility for the hack, even going so far to create a blog where people can view in real-time the number of devices exposed.

Using Shodan, a search engine that helps you find devices connected to the internet such as security cameras, computers and unsecured Internet of Things connections, the hackers discovered over 120,000 Chromecast devices with low-security.

The hack is possible due to the fact that Chromecast is using Universal Plug and Play (UPnP) which makes your router push a public internet port onto the Chromecast devices. This is done in order to make the devices easier to interchangeably work with remote devices such as printers and gaming consoles.

Teaming up with another hacker named j3ws3r, TheHackerGiraffe used a Chromecast attack code to access the Google Home Local API to connect to the device which they then renamed ‘Hacked_SUB2Pewds’ allowing them to play their selected YouTube video on the device.

When they started the attack the hackers managed to play the video on 2000 devices using ports 8008/8443, however they soon noticed that this route was cut off as devices and endpoints stopped responding, suggesting Google was responding to the incident. The hackers simply switched to a different port used by Chromecast which allowed the hack to continue.

The video that was forced to play on devices was one in support of the YouTube gamer PieDewPie who is currently trying to maintain the position of most subscribed channel on YouTube as he faces completion from an Indian music channel.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

PieDewPie Hack

This is the second hack by TheHackerGiraffe who had previously hacked 50,000 printers that were discovered to be vulnerable, again using Shodan. Once he had access to the printers he force them to print out another promotional message supporting PieDewPies channel.

The easiest way to avoid been affected by this type of vulnerability is to restrict your device’s ability to play external videos by turning of the Universal Plug and Play option, but this would then mean printers and IoT devices may no longer work via Google Home or Chromecast…

See Alos: Hack the Gov’t and Tell the NCSC? You’ll Now Get a Pat on the Back

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.