A group of researchers has found a way to hack directly into the tiny computer that controls your monitor without getting into your actual computer, and both see the pixels displayed on the monitor—effectively spying on you—and also manipulate the pixels to display different images.
Ang Cui, the lead researcher who come up with this ingenious hack, presented his findings at the Def Con hacking conference in Las Vegas on Friday along with Jatin Kataria and other colleagues.
Essentially, if a hacker can get you to visit a malicious website or click on a phishing link, they can then target the monitor’s embedded computer, specifically its firmware. The hacker can then put an implant there programmed to wait for further instructions. At that point, the hacker can mess with your monitor.
In practice, Cui said this could be used to both spy on you, but also show you stuff that’s actually not there. A scenario where that could dangerous is if hackers mess with the monitor displaying controls for a power plant, perhaps faking an emergency.
The researchers warn that this is an issue that could potentially affect one billion monitors, given that the most common brands all have processors that are vulnerable.
“We now live in a world where you can’t trust your monitor,” Cui concluded.