Rafael Scheel, a security researcher working for Swiss cyber security consulting company Oneconsult, said the attack is unique and much more dangerous than previous smart TV hacks.
It is nasty because the attacker can execute it from a remote location, without user interaction, and runs in the TV's background processes, meaning users won't notice when an attacker compromises their TVs.
The hack is similar to one found in the CIA's Weeping Angel toolkit, but apparently was developed without it.
Scheel says that "about 90% per cent of the TVs sold in the last years are potential victims of similar attacks", highlighting a major flaw in the infrastructure surrounding smart TVs all over the globe.
The hole is in the Hybrid Broadcast Broadband TV (HbbTV), an industry standard which is supported by most cable providers and smart TV makers. It "harmonizes" classic broadcast, IPTV, and broadband delivery systems. TV transmission signal technologies like DVB-T, DVB-C, or IPTV all support HbbTV.
Scheel says that anyone can set up a custom DVB-T transmitter with equipment priced between $50-$150, and start broadcasting a DVB-T signal.