Update (January 03):
Chromecast hacker (@HackerGiraffe) says he is getting “panic attacks” after being told the FBI is building a case against him. He also revealed has been getting death threats for quite sometime now, with some messages even detailing how they will kill him and his family.
Complete story here
Original story follows:
In the last couple of days, hackers turned their focus to Google Chromecast, hacking the streaming dongle to let users know about what they should do in order to plug the loophole as well as urging people to subscribe famous YouTube celebrities like PewDiePie.
First time around, it was hacker @friendlyh4xx0r who exploited the loophole to get into thousands of Chromecasts.
This was followed by a second attack, which was helmed by @HackerGiraffe and @j3ws3r. New hack was bigger, as it also targeted Google Home units as well as Smart TVs.
If you remember, both @HackerGiraffe and @j3ws3r were also behind recent printer hacks where-in they managed to print fliers urging support for PewDiePie, YouTube’s most subscribed channel (it recently came to light that printer companies have started taking notice of printer vulnerabilities brought to light by these hacks).
Coming to the second hack, which targeted Chromecasts, Google Homes, and Smart TVs, Google told The Verge they received reports about “an unauthorized video played on their TVs via a Chromecast device,” but effectively refused to take any action saying router settings need to be tightened to prevent such attacks in future – you need to turn off Universal Plug and Play (UPnP) on your router.
Prior to this, when the first Chromecast hack took place, we told you that a Chromecast team member was active on Reddit, asking affected users for more information.
However, no further updates were given by this Chromecast team member as well. So is it safe to say Google took no action despite close to 70k devices (of which majority were Chromacast units) getting hacked? Well, yes wouldn’t be the correct answer as YouTube took a step on behalf of Google.
If you take a look at our second hack news story here, you’ll see we embedded a YouTube video which got played on TVs after the Chromecast attached to them got hacked.
That video has been taken down.
And no, it’s not the hackers who took it down. It’s YouTube who did it citing violations related to “spam and deceptive practices.” Both hackers confirmed this in separate tweets.
We couldn’t find any official word from YouTube or Google over this, and we doubt they will offer a statement, but we are keeping a tab (as always). Anyway, what do you think about this move? Do you think it was a correct step by YouTube/Google? Share your thoughts in the comments section below.
PiunikaWeb is a unique initiative that mainly focuses on investigative journalism. This means we do a lot of hard work to come up with news stories that are either ‘exclusive,’ ‘breaking,’ or ‘curated’ in nature. Perhaps that’s the reason our work has been picked by the likes of Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors, and more. Do take a tour of our website to get a feel of our work. And if you like what we do, stay connected with us on Twitter (@PiunikaWeb) and other social media channels to receive timely updates on stories we publish.