Exploiting a Chromecast bug that's been allegedly ignored by Google for almost five years, a hacker has taken control of thousands of users’ Chromecast-connected devices.Hacker Giraffe has remotely gained access to TVs and smart devices of tens-of-thousands of users and displayed a pop-up that both warns of exploit and links to a page listing current number of affected devices. Despite these seemingly noble intentions, message also takes a chance to promote controversial YouTube personality, PewDiePie – a move this particular hacker has previously made by hijacking connected printers.The bug has been dubbed CastHack and utilizes Universal Plug and Play (UPnP) functionality of some routers in order to remotely gain access to devices connected on their local networks.Consequently, users are able to block this kind of access to their network by disabling UPnP on their router.Teaching an old bug new tricksWhile technically this latest hack is made possible via a security flaw in a users’ router, exploit related to Chromecast is one that has been known since year device launched.In 2014, security firm Bishop Fox found that it could gain control of a Chromecast by disconnecting it from its current Wi-Fi network in what’s known as a “deauth” attack and reverting it to a factory state. It was confirmed that device was still vulnerable to these attacks in 2016 by Pen Test Partners, another cybersecurity firm.While initial deauth attacks required hacker to be within range of target’s Wi-Fi network, this new breed of attack can occur remotely over internet, via UPnP flaw previously mentioned.