Hackers take over Google Chromecasts in support of PewDiePie

Hackers have taken control of Google Chromecast smart TV devices around the world in a stunt to raise awareness of cyber security and to promote YouTuber PewDiePie.

They claim to have gained access to more than 70,000 Google Chromecast devices – used to stream content on a TV – by taking advantage of an internet router setting that makes connected devices such as Chromecasts publicly viewable on the internet.

The hackers, who call themselves HackerGiraffe and j3ws3r, displayed a message on affected TV screens telling users their device had been taken over, warning them their WiFi information was at risk and broadcasting videos on the television.

On a website apparently set up to celebrate and track the success of the incident, the hackers say they carried out the attack to highlight router vulnerabilities.

<figcaption class='imgFCap'>YouTuber PewDiePie (Hannah McKay/PA)</figcaption>
YouTuber PewDiePie (Hannah McKay/PA)

“We want to help you, and also our favourite YouTubers (mostly PewDiePie). We’re only trying to protect you and inform you of this before someone takes real advantage of it. Imagine the consequences of having access to the information above,” the website said.

Google has confirmed it is aware of the issue and is offering guidance on how to handle the attack.

“We have received reports from users who have had an unauthorised video played on their TVs via a Chromecast device,” a company spokesman said.

“This is not an issue with Chromecast specifically, but is rather the result of router settings that make media devices, including Chromecast, publicly reachable on the internet.”

The technology giant said users could restrict the ability for unsolicited videos to be played on their devices by turning off a feature known as Universal Plug and Play (UPnP), which can be done through a router’s settings website.

The setting enables connected devices to easily discover each other and establish connections for data sharing over that network.

HackerGiraffe and j3ws3r also encourage users to disable UPnP.

Last year the same hackers claimed responsibility for a similar attack which forced thousands of printers to print out messages supporting PewDiePie.

The YouTuber, whose real name is Felix Kjellberg, is the most subscribed-to individual on the video platform.

His status as the most popular channel on the site has come under threat from Indian music label and movie studio T-Series, which has led some fans to undertake public stunts to gain him more followers and keep his lead.

- Press Association

Most Read in Ireland