Quantcast

Hacking, Surveilling, and Deceiving Victims on Smart TV

SeungJin 'beist' Lee Special guest at the Black Hat USA event SeungJin Lee, aka beist, from the Korea University highlights the main vectors for exploiting Smart TV technology.

I’m going to talk about Smart TV hacking. Let me introduce myself: SeungJin Lee; my handle is ‘beist’ and I’m from Korea University – the name is Korea University. I’m named to advisory council for Cyber Command in Korea. I’m highly interested in offensive security; I like finding vulnerabilities and reverse engineering, something like that.

Outline of the study

Outline of the study

We can start with what is the research motivation and what is Smart TV and what’s the attack point on the Smart TV, and then how I made rootkits for Smart TV.

Important note

Important note

You may have heard of some communities who do a research on some specific brands of Smart TV, but they are doing it mostly from hacker’s point. But this talk is not a talk about hacking, it’s more like a security research on authorizing system, platform layer.

We have some vulnerabilities on Smart TV, but I want to emphasize more about the rootkits. Like, for example, I made a rootkit program, which I can do surveillance via Smart TV camera or mic, this is exploitation of vulnerabilities in Smart TV. It’s very traditional, that’s why I focused more on how to build rootkits on Smart TV. Actually I was only doing it for one specific Smart TV, but I want to say that this issue goes to all the Smart TV vendors, so this is something like a general issue.

So, the motivation: last year over 80 million Smart TVs were sold around the world (see leftmost image below), and the industry says it’s going to be more popular. But we hardly see any security research on Smart TV, so that’s why we did start on Smart TV.

Research motivation

Research motivation

Smart TV getting ubiquitous

Smart TV getting ubiquitous

Much like a PC

Much like a PC


 
Smart TV is used everywhere, home and office; big companies use Smart TV in their work environment (see middle image above). I want to say that Smart TV is just like a regular PC (see rightmost image above), because it is actually using modern operating system; that one is using Linux inside.

You can see mine here (see image set below). It’s kind of a fancy one; I bought it for like $300. It has a camera and a mic inside. The back has 3 USB ports, so you can connect USB into the Smart TV. There’s a LAN cable and EXlink.

Typical Smart TV - front

Typical Smart TV – front

Inputs and outputs

Inputs and outputs

Additional characteristics

Additional characteristics


 
Inside there are some hardware modules like Bluetooth and wireless device. As I said, the operating system is Linux, but the CPU is not Intel, but they are using ARM architecture. The thing is that the vendors make a lot of code for the platform. And it is using Linux, so it is working like a regular PC.

Extra features

Extra features

Why they have camera and mic is so that you could control Smart TV using your arm or voice, for example say “Turn it on” so that the TV will turn on. There’s an app store – you can download games, for example, Angry Birds, so you can play Angry Birds with your arms. And you can use Skype as well.

Hurdles of Smart TV research

Hurdles of Smart TV research

What were the big hurdles (see left-hand image) when I was doing the Smart TV security research? The thing is that there is not much documentation about Smart TV security, and the TV is totally the blackbox, which means you have to do full reverse engineering to understand how it works.

And the thing is that I thought the Smart TV software was not that big, but I realized it is really big. The platform, I mean the vendor, has made over 300 MB of programs inside, which means it will be hard to find some interesting spots for attackers who want to find some 0days inside.

One of the hardest hurdles was that when I was doing the research on Smart TV I broke my TV, so I had to send my TV to A/S center to fix it. It was a really big hurdle, because you couldn’t do everything on software level. It is very possible to make the TV malfunction, and it takes a lot of time to fix it.
 

Read next: Hacking, Surveilling, and Deceiving Victims on Smart TV 2: Attack Vectors

Like This Article? Let Others Know!
Related Articles:

Leave a comment:

Your email address will not be published. Required fields are marked *

Comment via Facebook: