Samsung’s Smart TV hacking secrets to be sold to government agencies

December 12, 2012
135
59 32 44

ReVuln Samsung SmartTV hackA security company known as ReVuln has created a video demonstrating that it can hack and root Samsung’s Smart TV range including the¬†Samsung TV LED 3D. The video shows how a zero-day vulnerability in the TV’s firmware can be used to retrieve sensitive information and monitor the device remotely. However ReVuln aren’t disclosing this¬†information¬†to Samsung, instead the company prefers to sell its secrets to¬†governments and “other paying customers.”

A zero-day¬†vulnerability is a bug in the firmware which, when exploited, allows hackers to root and remotely control the device. It is known as a “zero-day” as this is the number of days that the¬†manufacturer¬†knew about the vulnerability before it was exposed. In other words this is a¬†previously¬†unknown¬†vulnerability.

The¬†exploit allows an¬†attacker¬†to install malicious software and switch on the integrated webcam and microphone for¬†surveillance¬†purposes. The attacker can also access any¬†attached¬†USB drives. ReVuln plan to¬†invest more time and effort in hacking smart home devices and chose Samsung for their first attack¬†because it’s the current market leader. However, for ReVuln, televisions are just the beginning.

ReVuln doesn’t release its hacking secrets, even if Samsung contacted them¬†directly. Instead the¬†company sees the vulnerability¬†information¬†as part of a security portfolio for its paying customers. In this context paying customers includes government agencies. According to its website, “the vulnerabilities included in our Zero-day feed remain undisclosed by ReVuln unless either the vulnerability is discovered and reported by a third party or the vendor publicly or privately patches the issue.”

What do you think? Are you worried about someone hacking into your smart TV? Do you think ReVuln should at least tell Samsung how it did it?

Comments

Load More