Google’s Chromecast is one of the best media players on the market. Unfortunately for users, it might also be among the absolute easiest to hijack, giving tech-savvy pranksters total control over your television screen.
The Rickmote Controller, a new tool built on a Raspberry Pi, takes over a Chromecast and television in a matter of thirty seconds to play whatever the attacker wants—in this case, of course, it’s vintage Rick Astley.
Security consultant Dan Petro built his evil little toy with a Pi, two Wi-Fi cards, open-source Wi-Fi cracking software called Aircrack, and a touchscreen. That’s an altogether cheap collection of hardware capable of cracking the increasingly ubiquitous Chromecast.
It works by flooding the media player with Wi-Fi disconnection requests. In doing so, the original user is unable to take back control from the hijacker.
The catch is that the Rickmote-equipped attacker has to be in Wi-Fi range. So, in case of an ‘80s-pop emergency for your Chromecast, check your little brother’s room.
Jokes aside, branding this little tool with Rick Astley’s voice is just a way of putting a happy veneer on an major security vulnerability. An attacker can play virtually anything on your television screen once he or she controls your Chromecast, including media that is much less genteel than Rick Astley.
H/T Raspberry Pi | Photo via Google | Remix by Jason Reed