FOLLOW US

Comcast Corporation (NASDAQ: CMCSA) acknowledged that the Xfinity voice-activated remote had a major security flaw that could allow drive-by-hackers to record and listen clearly to consumers' private conversations in their homes. 

However, the Philadelphia-based cable giant immediately took steps and fixed the vulnerability in XR11 remote control for cable TV. 

The cable giant's XR11 is an ease-of-use remote that allows users to use their voice to find the channel or content they want instead of entering the numbers or scrolling up and down on the channel guide. 

A cybersecurity company based in Tel Aviv, Guardicore discovered the vulnerability and submitted an extensive report to Comcast in April.

In response to the report, the cable giant launched an investigation into the security flaw and was able to fix it last month.

On Wednesday, Guardicore researched published their report indicating that there are 18 million units of XR11 remote controls in use across the United States. It is on “one of the most widespread remote controls in existence."

The researchers also noted that most of the past research was focused on security issues affecting interconnected devices such as "smart" speakers. According to them, the Comcast XR11 does not connect to the internet but it is equipped with a radio frequency.

Comcast remote vulnerable to drive-by-hackers

Guardicore researchers used a radio receiver and an antenna to send software updates by intercepting the daily communications between the cable box and remote. They then temporarily shut down and impersonate the box sent malicious software to make the remote record and transmit audio on command, according to the cybersecurity company's senior researcher JJ Lehmann

Researchers took over the Comcast XR11 remote from 65 feet away, but if they had better equipment it would have allowed them to deploy the attack from farther away, he added.

“This is the alarming part. It conjures up the famous ‘van parked outside’ scene in every espionage film in recent memory," the researchers stated in their report. 

Also, the researchers described how drive-by-hackers outside of a target residence could install custom firmware on the remote to force it to record audio without discovery and stream it back to the bad actors. 

The attack, named “ WarezTheRemote”, requires no interaction with the victim and would be very cheap to carry out. All the hackers would need is a low-priced RF transceiver and antenna. It can be remotely launched but requires physical distance not to exceed 65 feet.

Comcast statement outlines the “fix”

In a statement, Comcast said a comprehensive review of the security was conducted. The company found no evidence that its customers' privacy was compromised due to the vulnerability.