Samsung Smart TVs are vulnerable to a zero-day exploit, an attack against which there is no defense, which could allow hackers to obtain sensitive information such as victims' viewing histories and remote files and make transfers to USB drives that are physically attached to infected televisions.
"This specific vulnerability affects almost all the Samsung televisions of the latest generations, so multiple models," Luigi Auriemma of ReVuln, the small security firm that discovered the flaw, told the Register.
As it's done in the past, ReVuln said it will sell the details of the exploits rather than alert manufacturers to the problem. The Malta-based security firm said this approach is intended to "speed up" the development of security fixes, but some security experts condemn the practice as irresponsible and dangerous to consumers.
"We plan to invest more time and effort on the home devices security in the near future testing the products of many other vendors," Auriemma said, adding that the company began with Samsung as the " advanced TV " market leader.
Advanced televisions, which contain apps such as Netflix, YouTube, and a Web browser and function much like smartphones, seem to be the latest frontier piquing security researchers' interest.
Security Explorations, another research firm, found a way to infect TVs with malware in January that could steal or piggyback on a pay subscriber's satellite signal. Instead of auctioning off the exploit to the highest bidder, though, the company took the flaw to the products' makers.
As more of users' devices become networked and go online, the more avenues cybercriminals seem to have to wreak havoc on consumers’ lives.
"Televisions are just the beginning," Auriemma said.
Follow Ben on Twitter.