Hackers are exploiting a vulnerability in Google Chromecast devices and are using it to promote a popular YouTube Channel.
The hack is called “CastHack,” and it takes advantage of a router setting that makes some smart devices — including Chromecast streaming video players — viewable on the public internet. Hackers can then exploit that to push videos to TV sets connected to those devices.
What makes the hack even more bizarre is what the hackers did with the exploit. Affected devices were shown a warning screen that said “ATTENTION: Your Chromecast/smart TV is exposed to the public internet and is exposing sensitive information about you! To find out more about what to do and how to fix this, visit [the hacker’s website] for more information.”
The note went on to say, in bold lettering: “You should also subscribe to PewDiePie.”
PewDiePie is one of the most popular creators on YouTube. He has been encouraging his fans and subscribers to promote his channel as part of a beef with another YouTube channel called T-Series.
It’s an odd thing to happen, but the hackers, on their website, claim to have affected thousands of Chromecast devices.
They also say that their intentions are entirely benign.
“We want to help you, and also our favorite YouTubers (mostly PewDiePie),” their website says. “We’re only trying to protect you and inform you of this before someone takes real advantage of it.”
As connected TV devices become more popular, hackers are only likely to become more interested in gaining access, not only to project their own videos onto TV sets, but to try and steal personal information, like addresses and credit card info.
The Chromecast hack may have been benign and connected to a popular YouTuber, but it portends a more malicious future.