Hackers create website with illegal streams from 73,000 private IP cameras

Justin Kahn

Posts: 752   +6

While many people install home IP surveillance cameras to feel safe, a creepy new site has surfaced to exploit those who have yet to change the default password. Known as Insecam, the site tracks tens of thousands of IP cams without custom passwords and serves them up so anyone can watch the feed. While the site claims it is simply bringing awareness to those with default passwords, allowing the entire internet to watch someone in their living room without them knowing it probably isn’t the way to do it.

The site has seemingly hacked into 73,000 cameras from all over the world including parking lots and exterior locations as well as inside people’s homes. It seems to be able to tap into a wide range of models from various manufacturers. There are more than 11,000 cameras in the US available for streaming on the site right now. It appears the group has some kind of automated process that adds thousands of IP cameras everyday.

The unknown owners of the site, which is registered with GoDaddy and linked to an address in Moscow, claim it has been “designed in order to show the importance of the security settings.” The group also says in order to remove your camera from the list, “the only thing you need to do is to change your camera password."

Regardless of the potential motives to make such a service available, it certainly does’t seem like a very effective way to do it, and reports suggest it is a clear violation of the Computer Fraud and Abuse Act. It's hard to believe the site, which is littered with ads, is supposed to be anything more than a way to make money, with none of the owners being notified. It is probably a good idea to change your IP cam’s password just in case, and be sure to let your friends and family who may still be using a default option know as well.

Permalink to story.

 
Dudes saw the Dark Knight and figured, that's not so hard.
 
Not just use. A lot of them are dead.

And only 6 at one time. Lame!

And yea "guessing" default password is not hacking technically..

But legally, hell yes it's hacking! You do NOT have permission to use said device/service/whatever so yea it's "hacking".
 
And yea "guessing" default password is not hacking technically..
Actually, it is hacking by definition. Just because the hack was unsophisticated, that doesn't mean its not a hack. Any unauthorized use of a computer system is a hack.
 
"hacked into 73,000 cameras"
Sure its 'hacking' because its illegal. But Im not sure they 'hacked into' anything.
Im pretty sure you can get the exact same information and streams from a simple google search.
So therefore is google 'hacking' these cameras too because it can pick up their stream with their web crawler?
 
I expect better from Techspot in its usage of "Hacking".

The vast majority of these cameras are either unsecured or in default configurations. That's no more hacking than finding your friend's Facebook account left open posting a gag status.

Have some respect for your user base, this isn't Gawker.
 
I expect better from Techspot in its usage of "Hacking".

The vast majority of these cameras are either unsecured or in default configurations. That's no more hacking than finding your friend's Facebook account left open posting a gag status.

Have some respect for your user base, this isn't Gawker.
"The use of a computer to gain unauthorized access to data in a system" is the definition of the word, so that scenario is still hacking. It's is not what most consider hacking but it is still hacking. The important word is unauthorized the definition never states now you get the access just that it is unauthorized.
 
Webcam viewing from cities has always been available. This just going after those IP addresses that are not secured. So this site that you have linked to has more web or ip cams from all sorts around this planet. Except Area 51, Hollow Earth an etc.
 
Hacker is only the brain injured media terminology.
Hackers never do illegal activity.
Same way as called patriots as terrorists.
Who stolen login that is Cracker not hacker.
 
Unauthorized is a little vague as well - by not changing default passwords you could interpret as permission. Hell - its my interpretation that some of these people WANT to be watched ;-)
 
So basicaly what people are saying is if you access a web page on the internet you are hacking????? I didnt get the permission to check www.google.com so I am hacking it? Come on people, if you are dumb enough to hook your camera to the internet with the default password then you want people to watch it. Stealing is illegal so why do cops give ticket if you leave your car door unlock?
 
Back