Home How Raspberry Pi Can Hijack Chromecasts

How Raspberry Pi Can Hijack Chromecasts

There’s good news for anyone who thinks Chromecast suffers from a severe lack of Rick Astley, although it’s bad news for anyone concerned about the security of Google’s TV stick. Word’s spreading about a Raspberry Pi–based gadget that can seize control of the device, making it relatively easy to Rickroll Chromecast users. 

See also: 5 Cool Chromecast Hacks And Workarounds

Created by security researcher Dan Petro of Bishop Fox, the appropriately dubbed Rickmote Controller takes its name from the popular Web prank, which involves getting unsuspecting users to click a link that plays Astley’s “Never Gonna Give You Up” music video. Petro first unveiled this project last October at San Diego’s ToorCon hacker convention, but the hack has recently gotten a new boost of attention thanks to a recent mention on the Raspberry Pi blog

In this case, the Rickmote can take over a Chromecast and send those luscious baritone notes to a nearby Chromecast-connected TV. Here’s how.

Chromecast, All Your Streams Are Belong To Us. XO, Rickmote

The Rickmote gizmo works by sending a flurry of “DEAUTH” commands to the Chromecast, which effectively knocks it off the network and puts it into configuration mode.

While in this default setup mode, Chromecast broadcasts its own Wi-Fi signal, making it easy for the Rickmote to connect and direct the TV stick to do its bidding—like blasting an iconic 80s pop song to an unwitting group of pals.

The Rickmote, in action

Petro concocted the Rickmote to prove a point—that he could compromise Chromecast’s security with a few easily gotten tools. He cobbled together a Raspberry Pi (a credit card–sized mini computer), a couple of Wi-Fi radios, a touch display and Aircrack, an open-source Wi-Fi cracking application. End result: A Rickmote that, he says, can discover any nearby Chromecast, push it off its network, and pipe those sweet pop vocals (or anything else you want) to other people’s TV screens.

It’s a hilarious scenario, but there’s a serious issue here, too. The vulnerability that makes Rickcasting possible may not be unique to Chromecast. It seems logical that any gadget with a simplified setup that broadcasts its own Wi-Fi signal without a password, as Chromecast does, may also be vulnerable to this exploit.

See also: Until We Fix Our Connected Homes, Hackers Will Keep Screaming At Babies

And you just know that things will take a turn for the creepy once some jerk sends adult material to a room full of kiddies.

How Big A Flaw Is This, Really?

Even worse, Petro told Wired recently that he thinks the bug might let Chromecast attackers extract the owner’s Wi-Fi credentials, which would compromise a user’s entire network. “It would be a nice way of scraping out the password to a lot of people’s networks,” he said. That would be an enormous flaw, though, and he stops short of confirming it.

My sources tell me that level of security breach isn’t possible with this hack. And it’s worth remembering that this particular Chromecast-hijack can only be performed when the Rickmote and Chromecast are in close proximity, which limits the damage potential by far-flung strangers.

If you want to hack together your own Rickmote (or ColdPlaymote or Minajmote, et al.)—because, you know, science—Petro outlines the process pretty clearly in the following video and even offers a GitHub repository for the source code here.

Google wouldn’t comment on this story for ReadWrite. But when Petro alerted the company, he said the tech giant basically shrugged. The company told him it was a key part of Chromecast’s easy setup, he said, and Google seemed reluctant to monkey around with—i.e., fix—that. 

Meanwhile, elsewhere on the Web, Rick Astley’s music video apparently did give up. The original YouTube viral video was just pulled down for unspecified reasons. But take heart, pranksters: Vevo posted it on YouTube in 2009, and that version, with its near-85 million views, is still here for your Rickrolling pleasure. 

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.