"Comcast Flaw Could Have Turned Remotes into Listening Devices"

The cloud and data center security company Guardicore discovered a new attack vector on Comcast's XR11 voice remote that would allow attackers to turn it into a listening device, posing a significant threat to a user's privacy. The attack dubbed WarezTheRemote, which Comcast has now remediated, was a major security threat as over 18 million units of the XR11 were deployed across homes in the U.S., making it one of the most widespread remote controls. The Guardicore researchers were able to break into RF communication between the remote and set-top box and then eavesdrop on conversations using a basic RF transceiver. WarezTheRemote applies a man-in-the-middle (MITM) attack to exploit the remote's RF communication with the set-top box and over-the-air firmware upgrades by pushing a malicious firmware image back to the remote, allowing attackers to record audio, without user interaction, continuously. The attack does not require the malicious actor to have physical contact with the targeted remote. It also does not require any interaction from the victim. Bud Broomhead, CEO at Viakoo, a provider of automated Internet of Things (IoT) cyber hygiene, highlighted this as another example of the potential exploitation of IoT device vulnerabilities by cyber attackers that could lead to ransomware, stolen data, or a system takeover. Remediation of IoT device vulnerabilities includes upgrading firmware, credentialing with password enforcement, and more. John Bambenek, Threat Intelligence Advisor at Netenrich, a digital IT and security operations company, adds that WarezTheRemote emphasizes the need for IoT device makers to think about security to prevent such basic attacks, but it is more important not to overlook the more severe risks. Organizations must think about the amount of data these IoT devices are allowing them to gather and whether cybercriminals can take and abuse that data. This article continues to discuss the WarezTheRemote attack that could have allowed Comcast's XR11 voice remote to be turned into a listening device and the remediation of IoT device vulnerabilities. 

Security Magazine reports "Comcast Flaw Could Have Turned Remotes into Listening Devices"