m0leCon 2025 - Andrej Danis - Exploiting Smart TVs using the HbbTV Protocol скачать в хорошем качестве

m0leCon 2025 - Andrej Danis - Exploiting Smart TVs using the HbbTV Protocol

m0leCon 2025 Turin, Italy - 22/03/2025 The Hybrid Broadcast Broadband TV (HbbTV) is a protocol developed to combine standard television broadcasts with digital content over the Internet. In 2009, an industrial consortium led by the German broadcaster RTL launched the HbbTV initiative, setting a standard for a broadcast/broadband hybrid protocol to deliver content to Smart TVs, set-top boxes, and other connected multiscreen devices in an interconnected environment. With millions of supported devices around Europe, questions about the protocol's security arise. Recent studies have already shown that HbbTV provides users with little or no security and privacy. HbbTV's security and privacy issues are manifold. They range from a simple echo request from the broadcaster to check if the user is still watching to content-based attacks that replace URLs to show viewers different content than was intended. These issues have also been abused in practice, most recently in May 2022 when hackers exploited HbbTV broadcasts of Russian TV stations to show anti-war messages. In our work, we analyzed the security of HbbTV applications by doing practical experimental research on selected smart TVs. Notably, we focus on three different Target of Exploitation (ToEs) from Toshiba, Samsung and LG vendors. We selected such devices as they support different Operating Systems (OS), respectively Android TV, Tizen OS and WebOS, and are manufactured in different years. By analyzing their software, we can infer that HbbTV adopts a different browser than the one advertised by the TV. Following, we demonstrate how anyone can develop and deploy their malicious HbbTV application. We show the feasibility of HbbTV hijacking attacks by replacing the legit application in a (pre-recorded) broadcast stream and re-modulating the signal to a Smart TV. We exploit our ToEs smart TVs using HbbTV following our proposed threat model. In particular, we focus on Denial of Service (making the TV unusable), Spoofing (replacing news banners with fake ones), and Phishing (tricking users into inputting sensitive information, like credentials) threats. All our three ToEs are affected by such threats, showing the risks that users are subject to. Finally, we show how both the Toshiba and LG TVs can be used to scan the local network they are connected to and send HTTP requests to other connected devices, broadening the attack surface and potentially hindering the safety of users in case of critical devices connected, such as health monitors.