Skip to main content

Hacks to turn your wireless IP surveillance cameras against you

posted onApril 15, 2013
by l33tdawg

L33tdawg: Presentation slides from Sergey and Artem's #HITB2013AMS presentation is here.

Sergey Shekyan and Artem Harutyunyan, researchers from the security firm Qualys, said the search engine Shodan shows about 100,000 wireless IP cameras that have "little or no emphasis on security." At the recent Hack in the Box security conference in Amsterdam, the researchers presented,

According to the abstract, "The web based administration interfaces can be considered as a textbook example of an insecure web application and easily leads to an exposure of not only sensitive personal information (such as wireless network, FTP, and even email access credentials), but also provides an eye to an inside of your house. Apart from the flaws in the web interface, the cameras also use questionable security practices when it comes to securing the firmware, which leads to even more interesting attack vectors."

Shekyan wrote, "We'll try to get some attention on security flaws of widely available IP surveillance cameras that you can get at Home Depot for as low as $70. It's quite a challenge for us, because we never dealt with embedded devices before, although security issues in the embedded web server of the camera themselves are enough to do whatever you/bad guy/Chinese government want."

Source

Tags

Privacy Security HITB HITB2013AMS Netherlands

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th