Samsung Smart TV vulnerability gives hackers eyes and ears in the living room

14 December 2012

Watching TV is a great American pastime…but did you know that Samsung Smart TVs may actually be watching you back?

Researchers at the controversial Malta-based security consultant and exploit-seller ReVun have identified a vulnerability in the Linux-based Samsung LED 3D TVs that would allow hackers to hijack the boob tube and retrieve sensitive information, and monitor and root the device itself.

“If the attacker has full control of the TV…then he can do everything like stealing accounts to the worst scenario of using the integrated webcam and microphone to ‘watch’ the victim,” Luigi Auriemma of ReVuln told the IDG News Service.

Smart TVs are of course connected to the Internet and offer users the ability to tap into Web-based apps like Facebook, Netflix, Hulu, YouTube, gaming and so on. Some of those apps require credit card entries, which are then available to the controlling hacker. Essentially, someone bent on invading the living room via the vulnerability can gain access to all the TV’s settings and channel lists, SecureStorage accounts, widgets and their configurations, ID and credentials, any USB drives attached to the TV and even the remote control—so hackers could change channels and adjust the volume from afar.