Is your TV watching you? New hi-tech hacks target locks, webcams and TVs

“You are about to enter one of the most hostile environments in the world,” says the ticket. “Do not use the Wi-Fi network. Change your passwords immediately after leaving Las Vegas.”

The annual Black Hat security conference in Las Vegas is a Mecca for hackers - where security researchers and self-styled hackers show off vulnerabilities in everything from PCs to hotel door lock systems.

This year, hackers have turned their attention on the home - hacking everything from door locks to burglar alarms to televisions. One group even showed how to hack an electronic toilet.

One researcher showed off an Ocean’s Eleven-style hack that allows people to “replace” the video in surveillance cameras.

Publishing this research  can make the world a safer place - Apple, for instance, has added a new layer of defence to its upcoming iOS 7 software for iPhones, which will warn users if a charger is attempting to “hack” their device.


                 [Related: The 10 easily guessed PIN codes that hand money to thieves]

Many of the hackers present, though, have a somewhat uneasy relationship with the law. Federal agents were specifically asked not to attend this yeare. The event has hosted “Spot the Fed” competitions.

As the invitation says, “Hackers are in Vegas and like to play - everything can be hacked, including your brain.”


Is your smart TV watching you?

“Smart TVs” - internet-connected televisions - can be hacked, according to researcher SeungJin Lee, allowing attackers to “watch” families through webcams, and working even if the victims try to turn the set off.

More than 80 million Smart TVs sold around the world in 2012, Lee says - but, “we hardly see security research on Smart TVs.” Lee showed off an attack on a Samsung television that allowed him to insert fake news stories into a Smart TV’s internet browser.

Hacking your front door

There are 200,000 “home automation systems” in UK homes, allowing people to unlock their front door with a touch of a button - but researchers warn that it’s all too easy for hackers to do the same.

 “Connecting things to a network opens up a whole range of vectors of attack, and when you are talking door locks, garage doors, and alarm controls it gets scary,” says Trustwave consultant Daniel Crowley. “If someone can access your home network, but doesn’t have a key to your home, they can still unlock your door and get in,” Crowley said of what he found in gear on the market.

All  hacker needs to do is break into a home network - either through badly protected wireless routers, or malware on a PC.

The “Black Widow” iPhone charger which hacks your phone in 60 seconds

Watch where you charge your iPhone. Georgia Tech researchers have shown off a charger which silently hacks any iPhone plugged into it, inserting an infected version of the Facebook app which then spies on users.

Researchers from Georgia Tech hand-made a “malicious charger” called Mactans - after the scientific name for the black widow spider - which automatically hacks any phone plugged into it. Apple is to add a new security feature to its upcoming iOS 7 to deal with the threat.

"Despite the plethora of defense mechanisms in iOS, Mactans was able to install arbitrary apps within one minute of being plugged into current-generation Apple devices running the latest operating system software," said Georgia Tech’s Billy Lau.

How hackers can see through your security cameras

Heist-movie style hacks where the real video from a security camera is replaced with fake video are possible, according to Craig Heffner, formerly of the National Security Administration, who showed off a hack which could allow people to remote-control cameras made by household names such as D-Link, Trendnet, Cisco, IQInvision, Alinking and 3SVision.

 “Thousands of these cameras are Internet accessible, and known to be deployed in homes, businesses, hotels, casinos, banks and prisons, as well as military and industrial facilities,” says Heffner.

The “booster” that can hack your phone as you walk past

“Signal boosting” devices that are used in homes to improve mobile signals could turn into a potent weapon for hackers, according to security firm iSEC.

The firm showed off a hack on a $250 “femtocell” booster used by American company Verizon - which allowed them to “listen in” on any phone on the same network. Verizon has since patched the vulnerability, but the same booster is used by other networks worldwide.

 "We can operate a cellphone tower, and see everything that your phone would send to a cellphone tower: phone calls, text messages, picture messages, mobile web surfing," Tom Ritter of iSEC Partners.  "We can see and record it all."

Hacked “femtocells” could be placed in public areas - becoming in effect a mobile phone mast under control of cybercriminals, harvesting information from anyone who walked past.