squeezeboxes randomly playing scary music at full volume



maggior
2016-10-05, 23:16
Anybody else have this happen to them tonight? The booms in my kids' rooms started playing scary metal music at full volume. I would turn them off and they would in a few minutes turn back on. After a while all of them were playing either a scary metal song or some scary rap song.

I couldn't figure out what was going on and I just pulled the plugs on all of them. I disabled the server and I don't think that had an impact. The squeezeboxes were connected locally...I verified that they weren't connected to mysqueezebox.com.

Seems like a hacker is having fun...not sure if this is a widespread thing or not.

mherger
2016-10-06, 00:15
> Seems like a hacker is having fun...not sure if this is a widespread
> thing or not.

Not much hacking is required if you expose your LMS to the internet. See
http://forums.slimdevices.com/showthread.php?t=106153. Just turn off
port forwarding on your router if you've enabled it.

--

Michael

maggior
2016-10-06, 06:21
Thank you very much for the reply. Port forwarding is now turned off :).

It's reassuring to know it isn't just me that this happened to. Scared the hell out of my family.

mherger
2016-10-06, 06:46
> It's reassuring to know it isn't just me that this happened to. Scared
> the hell out of my family.

I was wondering whether this was just one guy having fun, or whether LMS
exposure now is part of some penetration test or other hacker tool kit...

--

Michael

Mnyb
2016-10-06, 07:50
...hmm Remember that troll that actually asked for "sharing" of music libraries some weeks ago?

maggior
2016-10-06, 07:56
> > It's reassuring to know it isn't just me that this happened to. Scared
> > the hell out of my family.
>
> I was wondering whether this was just one guy having fun, or whether LMS
> exposure now is part of some penetration test or other hacker tool kit...
>
> --
>
> Michael

The way the attack seems to have evolved (now using scary-sounding death metal music) it seems like somebody having fun pulling a prank. Shutting down squeezebox server didn't stop the music. I was thinking perhaps this is because it was coming from an internet radio stream? If that's true, it seems like somebody is tweaking the attack to maximize the impact. One never knows though. In the other thread, I noticed one affected person is from Sweden. I am in the US. Whoever is doing this isn't limiting themselves to a small geographical area.

I wonder if this is being reported in the official support forum. I came to this forum because it is what I'm familiar with and last I knew it was still active.

Dogberry2
2016-10-06, 13:13
Is the LMS CLI tougher to hack into if LMS is passworded? Or is that password worthless?

maggior
2016-10-06, 14:20
I had a username and password set up and was using a non-standard port (9001). They still got in :(.

Dogberry2
2016-10-06, 16:03
> I had a username and password set up and was using a non standard port (9001). They still got in :(.

I had a feeling the security was basically a tissue paper padlock. Thanks for the info.

Gnq
2017-01-31, 17:26
Mine too. UK. Two SB receivers, two SB radios and a Duet Controller kicked in at deafening volume with sirens and motorbike noises. I had Port Forwarding so I could get my music library in the car. Not any more. Suddenly the Internet of Things doesn't seem such a good idea. Am I right in thinking all these sonic attacks are via open forwarded Ports? There's no chance that the LMS is hacked?

Mnyb
2017-01-31, 20:53
> Mine too. UK. Two SB receivers, two SB radios and a Duet Controller kicked in at deafening volume with sirens and motorbike noises. I had Port Forwarding so I could get my music library in the car. Not any more. Suddenly the Internet of Things doesn't seem such a good idea. Am I right in thinking all these sonic attacks are via open forwarded Ports? There's no chance that the LMS is hacked?

Yes, it's via the port, they get at the server just as easily as you do. They can just paste some radio URL and have fun.

I use LMS in my car via iPeng, but I'm using OpenVPN. So a VPN tunnel to your phone is what you want.

Most people already have all things needed.

A fairly recent router with OpenVPN support.
And iOS and Android have ovpn apps.