Hackers Are Pwning Chromecasts To Broadcast Security Risks About Chromecast And UPnP

It seems that Chromcast devices that are on home networks with Universal Plug and Play enabled are reachable from the Internet. Which makes them pwnable by hackers. An example of this was captured by TechCrunch. Now the hackers aren’t out to steal anything as the message actually has some useful info. Such as you should turn off UPnP to make your network more secure. Oh yeah, according to the hackers, you should subscribe to the YouTube channel of Pewdiepie. Don’t know who he is? Ask your teenagers.

Now this isn’t a Chromecast bug as such. It is really an inherent weakness in Universal Plug and Play which is designed to make devices work easily with each other. But I have been on record as saying that UPnP should just be disabled on routers by default as it is a security nightmare just waiting to happen. So if I were you, I’d dig up your router manual and figure out how to turn off UPnP now. As in right the hell now. And that advice holds true whether you have a Chromecast or not.

Leave a Reply

%d bloggers like this: