We have a summer-2020 Roku Ultra-LT and a summer-2021 Ultra 4800x. Both of them are on wired ethernet connections. Both of them say their firmware is up to date .
Both of them would have been working fine , except in the last few months they were very visibly/obviously being hacked and remote controlled by some Intruder. But I could not figure what vector the Intruder was exploiting to do this . Until today , when I was looking through the setup menus on the Ultra-LT . Disabling {control by mobile app} and {screen mirroring} seems to have locked out the hacker (for now).
I never noticed those menu items before because I primarily use the Ultra-4800x , and a few months ago it got a strange firmware update which made a lot of menu items either disappear or not work .
I am posting this to ask you all -
(1) what did the Intruder need to know about our Roku boxes to do this hacking ? Did/do they have my Roku account username and password ? Do they have the serial numbers or mac-addresses of our Ultra boxes ?
(2) How physically close to us did they need to be ? Across the wide internet ? Or just outside our doorstep ?
Thank you for any answers .
