PewDiePie hackers take over Google smart TV systems

By Joe Tidy
BBC Cyber-security reporter

Image source, Getty Images
Image caption,
A message on affected TVs encourages victims to subscribe to the YouTuber PewDiePie

Hackers have taken control of smart TVs around the world in another stunt to support YouTuber PewDiePie.

The super-fans claim they successfully took over more than 65,000 Google Chromecast devices.

Google says its product is not to blame but, despite that, the company appears to have found a way to stop the attack.

The hackers, who wish to remain anonymous, say they have located more than 100,000 smart TV devices that are open to this type of cyber-attack.

They created a website to "live track" their stunt. The website also boasts that more than 8,000 Chromecast devices had their name changed to 'Hacked_sub2pewds_#'.

Victims have taken to social media platforms to report the problem. One Reddit user posted: "Every 20 minutes or so my TV switches to some crappy YouTube video about PewDiePie… Anyone know how to stop this, it's driving me bonkers."

The video message displayed on TVs reads: "Your Chromecast/Smart TV is exposed to the public internet and is exposing sensitive information about you!" It then encourages victims to visit a web address before finishing up with, "you should also subscribe to PewDiePie".

In recent weeks, the two hackers have carried out similar stunts by forcing potentially hundreds of thousands of printers to print similar messages.

The teenager who started the wave of attacks in November and called himself "Hacker Giraffe" online has since deleted his tweets and "retired" from hacking out of fear of being caught.

In a letter posted online he said: "I just wanted to inform people of their vulnerable devices while supporting a YouTuber I liked. I never meant any hard, nor did I ever have any ill intentions. I'm sorry if anything I've done has made you feel under attack or threatened."

YouTuber rivalry

PewDiePie has attracted the highest number of subscribers for a creator on YouTube since 2013. He currently has about 79 million followers on the platform.

Over recent months, the Indian music label and movie studio T-Series has come close to overtaking his lead, which has led some PewDiePie fans to mount stunts to attract new subscribers.

One of the hackers said they are using the PewDiePie rivalry to gain more attention for their work and will not stop their campaign until IP addresses are secured against these types of attacks around the world.

"People, lots of people, including corporate infrastructures seem to think things like this are OK. It's not. And the only plausible way we can really spread the message is by showing people," one hacker told the BBC.

It is thought that Google was able to mitigate the attack by removing the YouTube video that the hackers were playing on the infected TVs.

The company responded by saying: "We have received reports from users who have had an unauthorised video played on their TVs via a Chromecast device. This is not an issue with Chromecast specifically, but is rather the result of router settings that make smart devices, including Chromecast, publicly reachable."

The internet giant also issued advice to customers to prevent this from happening: "To restrict the ability for external videos to be played on their devices, users can turn off Universal Plug and Play (UPnP)."

Universal Plug and Play (UPnP) helps devices, such as internet appliances and computers, access the network and connect to other devices as needed.

Vulnerabilities in the system are not uncommon and can be fixed with online guides issued by router manufacturers.