Watch and be watched: Compromising all Smart TV generations

Abstract

Smart TVs are slowly becoming ubiquitous in households and offices, offering an ever-growing number of features such as Internet access, media players, and built-in cameras and microphones. They are physically placed in sensitive locations and connected to trusted home and business networks. These TVs use the same operating systems and software stacks as regular PCs, leaving them vulnerable to similar software-based attacks. Even worse, security updates are provided much less frequently and stop completely after the TV has reached end-of-life. Furthermore, as these systems are closed, it is nearly impossible for end users to examine if the TV is vulnerable or if it has been compromised. This paper demonstrates that Smart TVs in their current state must not be considered trustworthy and therefore pose a severe security and privacy threat. We show that the integrated media player - a feature offered on nearly every Smart TV on the market, ranging from entry level to high end models and regardless of the vendor - is highly vulnerable. We developed a practical proof-of-concept attack using a malicious video file that gives an attacker permanent, full control over the device, yet is completely undetectable by the user. Furthermore, we provide fully functional payloads for stealthily tapping into a TV's camera and microphone.