The attack uses the Hybrid Broadcast Broadband TV (HbbTV) standard. This system is already in very wide deployment in Europe, and has recently been adopted as part of theAmerican digital television standard.
The Hybrid Broadcast-Broadband Television (HbbTV) specifiction allows broadcast streams to include embedded HTML content which is rendered by the television. HbbTV essentially helps broadcasters exploit the internet connection of a smart TV to add extra information to programmes or so advertisers can do a better job of targeting viewers.
Yossef Oren and Angelos Keromytis, from the Network Security Lab, at Columbia University, have found a way to hijack HbbTV using a cheap antenna. In their paper, the researchers present the attack methodology and a number of follow-on exploitation techniques that provide significant flexibility to attackers. They demonstrate that the technical complexity and required budget are low, making this attack practical and realistic, especially in areas with high population density - in a dense urban area, an attacker with a budget of about $450can target more than 20,000 devices in a single attack.
"For this attack you do not need an internet address, you do not need a server," Mr Oren says. "You just need a roof and an antenna and once you are done with your attack, there's completely no trace of you."
For instance, the researchers said, if owners had logged in to Facebook via a TV app, the attack could be used to post messages on the social network on that person's behalf.
The researchers have disclosed their work to the standards body, but they say that attack was viewed as too expensive and with limited pay-off to the attackers.