The researchers also noted that most of the past research was focused on security issues affecting interconnected devices such as “smart” speakers. According to them, the Comcast XR11 does not connect to the internet but it is equipped with a radio frequency.
Comcast remote vulnerable to drive-by-hackers
Guardicore researchers used a radio receiver and an antenna to send software updates by intercepting the daily communications between the cable box and remote. They then temporarily shut down and impersonate the box sent malicious software to make the remote record and transmit audio on command, according to the cybersecurity company’s senior researcher JJ Lehmann
Researchers took over the Comcast XR11 remote from 65 feet away, but if they had better equipment it would have allowed them to deploy the attack from farther away, he added.
“This is the alarming part. It conjures up the famous ‘van parked outside’ scene in every espionage film in recent memory,” the researchers stated in their report.
