Also, the researchers described how drive-by-hackers outside of a target residence could install custom firmware on the remote to force it to record audio without discovery and stream it back to the bad actors.
The attack, named “ WarezTheRemote”, requires no interaction with the victim and would be very cheap to carry out. All the hackers would need is a low-priced RF transceiver and antenna. It can be remotely launched but requires physical distance not to exceed 65 feet.
Comcast statement outlines the “fix”
In a statement, Comcast said a comprehensive review of the security was conducted. The company found no evidence that its customers’ privacy was compromised due to the vulnerability.
Comcast also reassured customers that the recent fix prevents the attack described in Guardcore’s report. The “fix” provides another layer of security. The company also noted that Guardcore researchers hacked an older model of the remote. It is no longer shipping that model to customers.
“Technologists for both Comcast and Guardicore confirmed that Comcast’s remediation not only prevents the attack described in this paper but also provides additional security against future attempts to deliver unsigned firmware to the X1 Voice Remote.
