Comcast voice remote control could be turned into spying tool


The attack could have been carried out with a “basic RF transceiver” that would cost no more than a few dollars.


Voice-sensitive devices can ease your life, be it Amazon Alexa or simply a remote controller. However, they also present a new attack surface for threat actors to explore and prey on.


This is exactly what happened recently when the Comcast XR11 voice remote controller was found to be vulnerable and could be turned into a spying tool that eavesdrops on users.


The attack was made easier by the fact that the remote uses radio frequency (RF), which by its nature can be used for remote access.


Discovered by researchers at Guardicore, the attack has been named WarezTheRemote and is considered a very serious threat, given that the remote is used for over 18 million devices across the USA.






Explaining the attack process, the researchers state in a blog post that:



WarezTheRemote used a man-in-the-middle attack to exploit the remote’s RF communication with the set-top box and over-the-air firmware upgrades – by pushing a malicious firmware image back to the remote, attackers could have used the remote to continuously record audio without user interaction.

  

The vulnerability was that the original XR11 firmware didn’t verify that responses to encrypted requests are encrypted as well. This means that if an attacker within RF range had responded to outgoing (encrypted) requests from the remote in plaintext, the remote would have accepted the spurious responses.
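The missing check described above, shown beside a corrected version, as an added example that is not code from Guardicore or from the XR11 firmware. The frame model, the sequence-number matching and all names (`frame_t`, `check_original`, `check_hardened`) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified frame model, constructed for illustration. It is not the real
 * RF4CE layout or the XR11 firmware's data structures. */
typedef struct {
    uint8_t seq;       /* ties a response to its request */
    bool secured;      /* frame arrived with link-layer encryption */
    bool mic_valid;    /* integrity check result; meaningful only if secured */
} frame_t;

typedef enum { ACCEPT, DROP_NO_MATCH, DROP_DOWNGRADE, DROP_BAD_MIC } verdict_t;

/* Behaviour the article describes: the security state of the response is
 * never compared with that of the request it answers. */
verdict_t check_original(const frame_t *req, const frame_t *rsp)
{
    if (rsp->seq != req->seq) return DROP_NO_MATCH;
    if (rsp->secured && !rsp->mic_valid) return DROP_BAD_MIC;
    return ACCEPT; /* plaintext reply to an encrypted request passes */
}

/* Corrected check: a response must be protected if its request was. */
verdict_t check_hardened(const frame_t *req, const frame_t *rsp)
{
    if (rsp->seq != req->seq) return DROP_NO_MATCH;
    if (req->secured && !rsp->secured) return DROP_DOWNGRADE;
    if (rsp->secured && !rsp->mic_valid) return DROP_BAD_MIC;
    return ACCEPT;
}

/* Constructed sample traffic: one encrypted request, three candidate replies. */
static const frame_t REQ = { 7, true, true };
static const frame_t REPLIES[] = {
    { 7, true,  true  },  /* genuine encrypted reply */
    { 7, false, false },  /* plaintext reply to the encrypted request */
    { 7, true,  false },  /* marked encrypted, integrity check failed */
};

int main(void)
{
    for (size_t i = 0; i < sizeof REPLIES / sizeof REPLIES[0]; i++)
        printf("reply %zu: original=%d hardened=%d\n", i,
               check_original(&REQ, &REPLIES[i]),
               check_hardened(&REQ, &REPLIES[i]));
    return 0;
}
```

The only difference between the two functions is the comparison of the request's security state with the response's, which is what turns the plaintext reply from accepted into dropped.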



An alarming thing to note is that the entire attack can be done re ..
