Android smart TVs can be hacked to spy on your conversation
The smart TV’s are the latest ‘in’ thing and hugely popular. So much so that big players like Sony, Samsung, LG are lining up new smart TVs to woo buyers. But there is a certain security risk attached with Smart TV’s as with all the Internet of Things devices.
We had already reported how the Samsung Smart TV’s may be spying on you. Samsung had at that time agreed that its smart TV’s could indeed listen to your conversation and at one point had urged its smart TV buyers not to discuss personal and confidential things while watching its TV’s.
Now comes even worse news. Samsung smart TVs could spy on your conversation but the conversation could be misused only by third-party service, viz.Nuance Communications, Inc. A new research by Pen Test Partners reveals that hackers could hack Android run smart TVs to spy on your conversation.
Samsung may be using your conversations for voice recognition and possible to target ads but the Android TV hack reported by Pen Test Partners can be used cybercriminals record them for malicious purpose.
Pen Test Partners has found a vulnerability to abuse the voice recognition system on Android-based TV sets. They have put out a PoC video which is given below :
The researchers from Pen Test Partners say that the hackers only have to install a malware on the Android TV and your TV becomes a listening post for them. The only glitch in the hacking is that the Android TV should have “Install apps from unknown sources” enabled.
Once the hacker manages to convince the Android smart TV owner to install the rogue App through phishing or by uploading such malicious App on Google Play, the Android TV, your TV can be used to listen to everything you say in the presence of your TV.
Pen Test Partners used a Sony Bravia 55X8005C with Android Lollipop 5.0.2 for its tests. That model doesn’t have an external microphone, so the researchers had to install a USB mic instead. This would not be a problem, they noted, for higher-end models that have microphones built into the televisions or remotes.
The video shows the TV listening to the microphone input, then sending the audio to Google’s voice service (Nuance), converting it to text then delivering to an external laptop.
If you own a Sony or for that matter any Android smart TV, please disable “Install apps from unknown sources” feature in your TV settings and avoid installing Apps that appear rogue or have come through mail.