Get smarter IoT devices with PewDiePie

The world of smart devices is already more secure as a result of PewDiePie – and his supporters probably will continue to hack your devices and send their favorite YouTuber those infamous support messages. Let’s just hope nobody decides to do something more malicious then demands for you to subscribe to PewDiePie.

With any luck, getting “PewDiePie’ed” will come to mean that someone has hacked into a group of unsecured smart devices – and sent them all a fan message for this well-known YouTuber. This term will go along side being “rick rolled” – getting fooled into clicking on a link to a Rick Astley music video.

More than just one giraffe

HackerGiraffe, the most famous hacker/supporter of PewDiePew, has publicly bowed out, citing the threats to life, emotional stability, and the potential of criminal prosecution for his array of hacking stunts. In just a few months, his stunts had tens of thousands of unsecured printers spewing out pro-PewDiePie messages and most recently, forced insecure Chromecasts, smart TVs and Google home assistants to broadcast the PewDiePie channel.

But that is just HackerGiraffe and his buddy User. There are copycats out there such as SydeFX. He started hacking Nest IoT cameras and demanding that the surprised owners subscribe to PewPiePew. Somebody else hacked the Wall Street Journal website for a promotional video. Then there was the hack of the Atlas game. That list of smart devices and hackers will likely grow.

Black hat, white hat, grey hat

Of course, most of these stunts did come with a public service announcement to the owner that their device was insecure and they should do something about it. In fact, in a BBC interview, HackerGiraffe pointed out that the numbers of open, unsecured printers had dropped down to 39,000 from the 60-70,000. In addition, for the Chromecast hack, they pointed out that people should turn off the Universal Plug and Play (UPnP) feature on their routers. So yes, they are making the internet a safer place.

However, doing something, however beneficial, to someone else’s device is not exactly legal. So while User and HackerGiraffe might think of themselves as altruistic white hat hackers – they were really more in the grey area – something similar to when somebody hacked the Dridex botnet and had it distributing Avira antivirus instead of the original malicious content.

Follow the money – and fix those smart device vulnerabilities

The big hits of the holiday shopping season were personal assistants such as Alexa and smart devices of all sizes, shapes, and functions. Although people have bought them, it’s clear from the work of User and HackerGiraffe that many of them have been insecurely set up – or are inherently insecure. It’s also a safe bet to assume similar PewDiePie hacks will happen in the near future. We just hope they remain more educational than malicious.

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.