Millions Of Samsung And Roku Smart TVs Found To Be Vulnerable To Remote Hacks
According to Consumer Reports, literally, millions of television sets which offer smart functionality via an underlying operating system could be vulnerable to a malicious attack due to ongoing vulnerabilities.
The report is suggesting that millions of smart TVs around the world could theoretically be controlled by external influences if the internal vulnerabilities are exploited without the prior knowledge of the TV owner.
The research into the topic has found that the problem is evident on televisions manufactured by Samsung and TCL, which currently sells sets around the world under the Roku brand. The testing discovered that very personal and financial details, such as bank data, couldn’t be obtained, but other acts were possible by remote hackers.
It seems that anyone with the requisite knowledge to hack into one of these vulnerable TVs or streaming boxes would be able to perform actions such as changing the TV channel currently being watched, adjust the volume too high or low levels, and even play offensive or adult-rated content on the television set should they wish to do so. All of these actions and commands could be invoked from thousands of miles away on a remote basis due to the fact that the smart TVs are Internet connected and can be accessed and controlled as such.
It probably shouldn’t come as any huge surprise that a device which is permanently connected to the internet, and which derives a lot of its features and functionality from that online connectivity, is actually susceptible to outside interference. It’s perfectly possible that households with smart TVs have actually refused any ability to connect those sets to an internal Wi-Fi network but it’s also reasonable to assume that those who have purchased a set with smart functionality would need that connection for accessing apps and services, such as Netflix or Spotify. And that’s where the problems can begin.
The problem is said to arise from the fact that Roku’s video streaming software has an unsecured API in place which allows developers to bundle additional functionality, should they wish to do so. This is used for building remote control applications, which could be hijacked by those malicious individuals to take over the television set. Both companies are currently investigating the problem.