Is your smart TV spying on you?

Sciences, Environmental/Climate issues, Academia and Technical interests
Post Reply
User avatar
Nom De Plume
Posts: 2241
Joined: Sat Nov 04, 2017 7:18 pm

Is your smart TV spying on you?

Post by Nom De Plume » Tue Aug 27, 2019 12:58 pm

There are few devices that are as well-known and seen virtually everywhere. These are located throughout the bedrooms, living rooms, kitchens, and recreation rooms. In a commercial environment, these devices are in conference rooms and hallways on the business or news channels. In retail there may be a bank of them on a wall, all showing the same thing. As time has passed, the technology has improved significantly. This has affected TVs. There are in the marketplace several manufacturers producing more advanced smart TVs with connectivity. As with any newer technology, people look to exploit any vulnerabilities. The connectivity of the IoT devices, inclusive of the connected TVs, has provided the outlet for this.
There has been malware coded to exploit connected TV vulnerabilities. Until recently, Weeping Angel was previously unknown. This malware was published as part of the Vault 7 Wikileaks. This was coded to attack the connected TV. Granted, the connected aspect for the TV makes this a prime target, this has not had the limelight on it that other attack vectors have.

A Brand New Age
The attackers are always looking for new areas within a system to manipulate. With all of the bug bounty programs in place, this is treated as a challenge by the attackers. With this specific sample, once the TV is infected, the malware is able to exfiltrate information and data. To accomplish this, the malware uses the microphones is the smart TVs to monitor the noise, speech, and other activities in the vicinity of the TV. Any person talking proximate to the TV would be monitored and recorded, without authorization. Without this, user’s owning and being near the smart TVs in their home and office may be spied on without their knowledge. The target smart TVs are the Samsung manufactured models in 2012 and 2013.

Method
This malware was coded allegedly by the CIA in conjunction with the UK’s MI5/BTSS. In effect; this malware makes the user’s TV a bug. This, however, requires physical access to the TV. There has been no evidence this attack could be done remotely or due to an upgrade in the OS. The infection method as shown has been the USB drive.
This attack tricks the user into believing the TV is off when it actually is recording the room’s noise. This begins to work as the user turns off the TV or so they believe. The TV registers as being turned off to the user. To ensure the user believes this, the TV’s LED lights are disabled, much like a RAT. This is the False-Off mode. At this point, the TV is still actively on and monitors the activities near the TV. This works to record these and send them to the CIA servers via the Wi-Fi in a file format. This allegedly also was coded to seek and record user names, passwords, and Wi-Fi keys.
There presently is one limitation due to the TV’s hardware in that the video of the room is not available.

Statistically Significant
The average person would likely not be a target. The CIA breaking into your house, plugging the USB stick into the smart TV, and egressing without being noted would not be a statistically significant event. Then again, it is not probable the CIA would have a person standing in the supply chain, installing this on TVs or a random sample of these.
Remediation
If the user has an affected TV, the user certainly wants to remediate this in some form. By not completing this, the user would only continue to allow the monitoring. The user has a few options to fix this issue. The user may update the firmware over the air (OTA). If possible the TV may receive v.118, which removes the issue. Unfortunately, this may not be sufficient if the COA were to have applied the “prevent updates” version, which would avoid the update being applied.

The only sure way to have the TV reset to the factory set firmware. This appears to be an easy enough task, however, trying to rest the TV to the factory setting takes a bit of work and is not an easy task.

https://www.cyberdefensemagazine.com/smart-tvs/
"But you will run your kunt mouth at me. And I will take it, to play poker."

User avatar
Nom De Plume
Posts: 2241
Joined: Sat Nov 04, 2017 7:18 pm

Re: Is your smart TV spying on you?

Post by Nom De Plume » Tue Aug 27, 2019 1:37 pm

I have a Samsung smart tv so have put it back to factory settings. Now to reload apps.
"But you will run your kunt mouth at me. And I will take it, to play poker."

sprintcyclist
Posts: 7007
Joined: Wed May 07, 2008 11:26 pm

Re: Is your smart TV spying on you?

Post by sprintcyclist » Tue Aug 27, 2019 2:17 pm

My Samsung TV is not spying on me.
It sent me a text to my phone to tell me it is not spying on me.
Right Wing is the Natural Progression.

User avatar
brian ross
Posts: 6059
Joined: Thu Apr 19, 2018 6:26 pm

Re: Is your smart TV spying on you?

Post by brian ross » Tue Aug 27, 2019 5:22 pm

I use a dumb TV connected to a Linux PC which I control and regularly update. Much safer, much more secure.
Nationalism is not to be confused with patriotism. - Eric Blair

User avatar
Neferti
Posts: 18113
Joined: Wed Jan 12, 2011 3:26 pm

Re: Is your smart TV spying on you?

Post by Neferti » Tue Aug 27, 2019 5:25 pm

brian ross wrote:
Tue Aug 27, 2019 5:22 pm
I use a dumb TV connected to a Linux PC which I control and regularly update. Much safer, much more secure.
Old Fart. :rofl

User avatar
brian ross
Posts: 6059
Joined: Thu Apr 19, 2018 6:26 pm

Re: Is your smart TV spying on you?

Post by brian ross » Tue Aug 27, 2019 5:25 pm

Neferti~ wrote:
Tue Aug 27, 2019 5:25 pm
brian ross wrote:
Tue Aug 27, 2019 5:22 pm
I use a dumb TV connected to a Linux PC which I control and regularly update. Much safer, much more secure.
Old Fart. :rofl
Safe, old fart, thank'ee. 8-)
Nationalism is not to be confused with patriotism. - Eric Blair

User avatar
Bogan
Posts: 948
Joined: Sat Aug 24, 2019 5:27 pm

Re: Is your smart TV spying on you?

Post by Bogan » Sun Sep 15, 2019 11:25 am

Hey Brian, could you get back on the "races are equal" thread so that I can continue to kick your arse?

Post Reply

Who is online

Users browsing this forum: No registered users and 80 guests