Smart TVs Will Be ‘Big-Ticket Items’ for Hackers This Holiday, Says Symantec Researcher

a short time, a brand new set can be so infected with ransomware as to make it “ultimately unusable,” Wueest said. It found that hackers can easily install malware on the TV because not all its Internet connections make proper use of secure sockets layer encryption, and some that do don’t verify SSL certificates “thoroughly enough,” he said. For example, some TVs accept “self-signed” SSL certificates, “which are easy for attackers to create,” he said. When a user downloads an app to a smart TV, “the attacker could intercept the request and redirect it to another server,” he said. “So instead of the TV downloading the real app from the legitimate server, the request is redirected to a different server, which instead sends down a malicious app to the TV. Once downloaded, the user still has to accept the permissions requested by the malicious app and open it, but since the user doesn’t know the app is not the real one, they will likely accept and install the app anyway.” Though firms like Symantec have “yet to see any widespread malware attacks targeting smart TVs,” that doesn’t mean attackers “won’t target these devices in the future,” he said. To mitigate the threats, smart TV owners need to review privacy policies carefully and “understand the data you are agreeing to share,” he said. Users also should be careful “when installing unverified applications from unknown sources,” and to enable “app verification” in the TV’s settings whenever possible, he said.