Update (January 03):

Chromecast hacker (@HackerGiraffe) says he is getting “panic attacks” after being told the FBI is building a case against him. He also revealed has been getting death threats for quite sometime now, with some messages even detailing how they will kill him and his family.

Complete story here

Original story follows:

In the last couple of days, hackers turned their focus to Google Chromecast, hacking the streaming dongle to let users know about what they should do in order to plug the loophole as well as urging people to subscribe famous YouTube celebrities like PewDiePie.

First time around, it was hacker @friendlyh4xx0r who exploited the loophole to get into thousands of Chromecasts.

https://twitter.com/HackerGiraffe/status/1080383436660113409

This was followed by a second attack, which was helmed by @HackerGiraffe and @j3ws3r. New hack was bigger, as it also targeted Google Home units as well as Smart TVs.

https://twitter.com/HackerGiraffe/status/1080458272845512705

If you remember, both @HackerGiraffe and @j3ws3r were also behind recent printer hacks where-in they managed to print fliers urging support for PewDiePie, YouTube’s most subscribed channel (it recently came to light that printer companies have started taking notice of printer vulnerabilities brought to light by these hacks).

Coming to the second hack, which targeted Chromecasts, Google Homes, and Smart TVs, Google told The Verge they received reports about “an unauthorized video played on their TVs via a Chromecast device,” but effectively refused to take any action saying router settings need to be tightened to prevent such attacks in future – you need to turn off Universal Plug and Play (UPnP) on your router.

Prior to this, when the first Chromecast hack took place, we told you that a Chromecast team member was active on Reddit, asking affected users for more information.

Comment
byu/Killimansorrow from discussion
inChromecast

However, no further updates were given by this Chromecast team member as well. So is it safe to say Google took no action despite close to 70k devices (of which majority were Chromacast units) getting hacked? Well, yes wouldn’t be the correct answer as YouTube took a step on behalf of Google.

If you take a look at our second hack news story here, you’ll see we embedded a YouTube video which got played on TVs after the Chromecast attached to them got hacked.

That video has been taken down.

And no, it’s not the hackers who took it down. It’s YouTube who did it citing violations related to “spam and deceptive practices.” Both hackers confirmed this in separate tweets.

https://twitter.com/j3ws3r/status/1080742355639115776
https://twitter.com/HackerGiraffe/status/1080710266042617857

We couldn’t find any official word from YouTube or Google over this, and we doubt they will offer a statement, but we are keeping a tab (as always). Anyway, what do you think about this move? Do you think it was a correct step by YouTube/Google? Share your thoughts in the comments section below.

PiunikaWeb is a unique initiative that mainly focuses on investigative journalism. This means we do a lot of hard work to come up with news stories that are either ‘exclusive,’ ‘breaking,’ or ‘curated’ in nature. Perhaps that’s the reason our work has been picked by the likes of Forbes, Foxnews, Gizmodo, TechCrunch, Engadget, The Verge, Macrumors, and more. Do take a tour of our website to get a feel of our work. And if you like what we do, stay connected with us on Twitter (@PiunikaWeb) and other social media channels to receive timely updates on stories we publish.

Himanshu Arora
359 Posts

My interest in technology and writing started back in 2010. Since then, I have written for many leading publications, including Computerworld, GSMArena, TechSpot, HowtoForge, LinuxJournal, and MakeTechEasier to name a few. Here at PiunikaWeb, I started with covering smartphone related breaking stories as well as some other interesting stuff, but now I have switched over to more of a leadership role. I also take care of several operational aspects of the website. Some of my current responsibilities include business development, and working with Piunika to make sure we’re progressing as envisioned. If you want to get in touch, I am active on LinkedIN, and also available on Twitter/X.

Next article View Article

Google Drive not letting users play videos, throws 'allowed playbacks has been exceeded' error

Google Drive users have been dealing with an issue for years where they get an 'allowed playbacks has been exceeded' error when trying to play videos. And Google has still...
Feb 20, 2024 2 Min Read