Israeli researchers find breach allowing hackers to spy through remotes

The Guardicore researchers informed Comcast of the breach and worked with them to fix the problem.

A Comcast sign is shown on the side of a vehicle in San Francisco (photo credit: ROBERT GALBRAITH/REUTERS)
A Comcast sign is shown on the side of a vehicle in San Francisco
(photo credit: ROBERT GALBRAITH/REUTERS)
Researchers from the Israeli Guardicore company have found a security breach that would allow hackers to listen to users through remotes belonging to the Comcast cable company in the US.
Comcast provides remotes that can accept voice commands. The security breach would allow hackers to activate the remote from a distance and listen to whatever was happening within meters of the remote.
The cable service is installed in over 18 million households and offices around the US.
The remote automatically checks for updates every 24 hours. When it checks for updates is when the breach occurs, allowing hackers to turn the remote into a recording device.
Guardicore researchers informed Comcast of the breach and worked with them to fix the issue. All the affected remotes were updated with the fix.
The researchers recommend that all companies that provide remotes with voice control carefully test them to prevent security breaches.
"The modems piqued our interest due to the fact that they are directly connected to the server farms of the communication providers," explained Ofri Ziv, vice president of Research at Guardicore, in a press release. "After we managed to hack into the modem, we decided to take a look at the remote that came with it as well. The reason for our curiosity was the fact that the remote is equipped with a microphone, which immediately makes it an attractive attacking target due to the possibility of listening through it."
The researchers were also interested because the remotes support RF technology, allowing them to communicate from a long distance and through walls.
"Immediately after discovering the vulnerabilities and the ability to use them for malicious purposes, we reported this to the company, which responded quickly and professionally, releasing software updates that fixed the various bugs we reported in both the remote and the modem, and installed them on the end devices using a remote update mechanism," Ziv said.
Guardicore provides software to hundreds of companies to protect their systems in the cloud and internal servers.