On the 8 of September, Keksec a Hacker group collective disclosed a guide on how to control digital billboards running Prismview software.
Keksec made the headlines in 2018 when they Hacked billboards to display John’s Mc Afee tweets. But accordingly, to the group twitter feed, they are active since 2017.
The group mostly posted or retweeted pictures of those billboards and went silent after 2018 hacks.
Now they are back with a message directed to the company Prismview formerly known as Yeasco that created and owns the PrismView software used to display advertisements on the electronic billboards.
Ah, there you are! Our faithful friend! Our fantastic follower! We're very sorry for being gone for so long. Sadly, as with all things, we have weened and waned in and out of existence. Heat has come and gone. Boxes, shells, and exploits too have seen the light of day only to be snuffed out by zealous whitehats. Somehow, despite the religious fervor of the whitehat, our billboard vulns haven't been killed. You shitters really dropped the ball. No, YESCO, telling customers to move boards behind a VPN is *not* a patch. In this file we're dropping the deetz on YESCO's (and now Samsung's) Prismview billboard software. Public Disclosure Timeline: Found: maliciously Contacted vendor: technically Disclosed publicly: affirmatively
From the message, it seems that the Hacker Group is in disbelieve that after all the media attention, the billboards running Prismview are still an easy target.
It should also be remembered that the Prismview team was immensely disorganized in creating the Prismview software.
There is even a reference to Brian Krebs, an Investigative Journalist known for writing about Cyber Crime.
<UserName>bkrebs</UserName> <Password>god</Password ... You can then authenticate with the server $ curl -H'User: bkrebs' -H'Password: god' http://LAME/PRISMVIEWLOGIN001 OK Password
Accordingly to the company official website, Prismview is a US-based company. It has its roots in the ’90s and now is responsible both for the production, software, and installation of billboards. They installed them in many famous locations like New York Time Square, Piccadilly Circus, and several locations in Las Vegas.
Most interesting, the company has expanded it’s business in the sports area and was acquired by Samsung.
From the website: “In 2002, we installed our first LED digital billboard display for the outdoor advertising industry. We have grown to become one the world’s largest digital outdoor display manufacturers with over 2,000 installations throughout North America and Western Europe and as far away as Melbourne, Australia.”
The website enlists many positive aspects of their product, yet there is no reference to security.
The only security information refers exclusively to hardware durability and not software security.
Billboard Hacks is nothing new and is not as popular as other forms of Hacking. Probably because they are evident, do not give any financial benefits, and can lead to prison sentences.
Billboard Hacking came a long way since the non-led display Hacks.
A notable example of paper billboards hacks is of a group called the Advertising guerrilla act that changed billboards in Santa Cruz in the 80′.
What is fascinating about the group was the number of preparations that they needed to do before executing the hack. You can read the full process here.
In the last years, billboard Hackers gained attention, mostly when they displayed porn videos. There are two familiar examples, one in Russia and the other one in Indonesia. Even if the motives were “just for fun”, in both cases, it led to prison terms.
Indonesia is a majority Muslim country where pornography is banned, therefore making the sentence and treatment of the Hacker harsher.
There are fewer examples of billboards hacks with a happy end.
In 2013, college students from Belgrade played Space invaders on a billboard, displayed the message HACK4FUN and contacted the billboard company to inform about the vulnerability. After the stunt, they were praised by the company and rewarded with an iPad.
Keksec hacks involve funny images that might make some people laugh and raise some eyebrows in others.
When contacted, Keksec clarified that they chose to disclose the security issues in such a way as it is more convenient and fun. They do not see Prismview as a professional company since the code is messy and when customers get pwned, they ask them to move the board to a private subnet without solving the vulnerability.
When asked if they have a beef with white hats, they shared that they do not like them. The reason is that they tend to act for the bullshit notion of the “good of infosec”, accordingly to their words, while Keksec does it for themselves and fun.
When asked if they want to share more about themselves or leave a message, they answered:
Hack the planet!A famous quote from Hacker movie of 1995, called Hackers.
Prismview was also contacted to yield their view on the disclosure. It remained without response.
If there is any information you want to share on the story you can contact me in different ways.