Two hackers have gathered to promote Felix "PewDiePie" Kjellberg by forcing TVs to display a message that encourages people to subscribe to their YouTube channel. The heel utilizes a router setting that allows smart devices, such as Chromecasts and Google Homes, to be viewed on the Internet on the Internet. The attacks can then gain control of the devices and broadcast videos on a connected TV.
The attack, referred to as CastHack, is carried out by two hackers, HackerGiraffe and j3ws3r. An attack site claims to count the number of TVs forced to display the PewDiePie message and currently say more than 3,000 have been affected. While it is not clear that this is an exact number (it has been reset several times), several people have written on Reddit that the video has been shown on their TV.
Google tells The Verge it has received reports from people who had "an unauthorized video played on their TVs via a Chromecast device", but said the problem was a result of the router settings. Both HackerGiraffe and Google told The Verge the best way for affected users to solve the problem is to turn off Universal Plug and Play (UPnP) on their routers.
This is the second time HackerGiraffe and j3ws3r have made up to promote PewDiePie with quirky, if disruptive, hacks. Both said they were behind a hack in November, forcing printers around the world to print paper sheets telling people to subscribe to PewDiePie.
Hakk emerged at the height of Kjellberg's ongoing battle with another YouTube channel, the T-series, which is close to passing its subscriber count.
HackerGiraffe said their attacks are about delaying vulnerabilities than promoting Kjellberg's channel. "We will help you, and also our favorite YouTubers (mostly PewDiePie)," read their website. "We are just trying to protect you and inform you about this [vulnerability] before anyone takes great advantage of it."
CastHack is supposed to remind Google of security errors, HackerGiraffe said. It includes "sensitive data being leaked" and the ability to reset Chromecasts far away. HackerGiraffe said the attack does not collect or store information from affected entities;
In December Wall Steet Journal 's website was also hacked to promote Kjellberg's channel, but HackerGiraffe said they were not involved.