HACKING, SURVEILLING, AND DECEIVING VICTIMS ON SMART TV

Smart TVs sold over 80,000,000 units around the world in 2012. This next generation "smart" platform is becoming more and more popular. On the other hand, we hardly see security research on Smart TVs. This presentation will cover vulnerabilities we've found on the platform.

You can imagine that Smart TVs have almost the exact same attack vectors that PC and Smart Phones have. Also, Smart TVs have interesting new attack surface such as the remote controller. We'll talk about attack points for Smart TV platform and cover security bugs we discovered. This talk will mostly focus on what attackers can do on a hacked Smart TV.

For example, expensive Smart TVs have many hardware devices like a Camera or Mic which, if remotely controlled, means bad guys can spy remotely without you knowing. Even more, it is possible to make Smart TVs monitor you 24/7 even though users turn off their TV, meaning #1984 could be done.

In addition, we'll point out a difference of viewpoint on leaked information type among PC, Smart Phone and Smart TV. Lastly, we'll give demo of live remote surveillance cam, which is sent to attacker's server at this talk.

This talk is an extended version of one, which I gave at CANSECWEST. It will demonstrate a spoofed news story on a hacked Smart TV and possibly TVshing (Smart TV edition of phishing.)

Presented by