Hackers Are Pwning Chromecasts To Broadcast Security Risks About Chromecast And UPnP

It seems that Chromcast devices that are on home networks with Universal Plug and Play enabled are reachable from the Internet. Which makes them pwnable by hackers. An example of this was captured by TechCrunch. Now the hackers aren’t out to steal anything as the message actually has some useful info. Such as you should turn off UPnP to make your network more secure. Oh yeah, according to the hackers, you should subscribe to the YouTube channel of Pewdiepie. Don’t know who he is? Ask your teenagers.

Now this isn’t a Chromecast bug as such. It is really an inherent weakness in Universal Plug and Play which is designed to make devices work easily with each other. But I have been on record as saying that UPnP should just be disabled on routers by default as it is a security nightmare just waiting to happen. So if I were you, I’d dig up your router manual and figure out how to turn off UPnP now. As in right the hell now. And that advice holds true whether you have a Chromecast or not.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: