1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Some DSLR cameras can be infected with ransomware

By midian182 · 12 replies
Aug 12, 2019 at 8:20 AM
Post New Reply
  1. Researchers at Check Point Software Technologies revealed how the Picture Transfer Protocol (PTP) can be used to infect a DSLR camera with ransomware.

    PTP, which is unauthenticated in both USB and Wi-Fi modes, is particularly vulnerable to attacks by hackers who are either in close proximity (Wi-Fi) or who have already hijacked a PC (USB).

    The researchers posted a video demonstrating how they were able to insert ransomware onto a Canon E0S 80D over Wi-Fi. After setting up a rogue Wi-Fi access point, which could be placed at a tourist attraction, and once the camera is in range and connected, an exploit is run that accesses the SD card and encrypts any photos it contains. The only way to retrieve them is to pay the ransom—though that doesn’t always guarantee that the hackers will comply.

    Check Point disclosed the vulnerability to Canon back in March, and the pair have been working on a patch since May. While there have been no reported instances of the vulnerabilities being exploited, the camera maker issued a security advisory last week. It advises users to avoid connecting to an unsecured network such as free Wi-Fi spots, disabling the camera’s network functions when not in use, and updating the official firmware via a download from Canon’s website.

    While a Canon camera was used in this instance, Check Point told The Verge that other manufacturers who use the PTP protocol could also be vulnerable to the same attack.

    Permalink to story.

  2. Nero7

    Nero7 TS Evangelist Posts: 421   +170

    Ofc nothing is safe. There is no such thing as 100% safety especially not for digital products. Even offline hardware can be infected with all kinds of specialized tools.

    Expect more such news within every 12 hours.

    The revelations are upon us.
  3. Uncle Al

    Uncle Al TS Evangelist Posts: 5,503   +3,890

    Strange that they are only just not notifying owners .... the problem has existed ever since their first direct WiFi connection but in most cases in the past you simply needed to remove batteries then reboot the system so this one must be a bit more aggressive ....
  4. wiyosaya

    wiyosaya TS Evangelist Posts: 4,118   +2,406

  5. Igrecman

    Igrecman TS Maniac Posts: 300   +178

    That's North Korea for sure. That's how they get the funds to make their miserable dictatorship survive, but barely. China and Russia are doing nothing about it, they just applaud and laugh.
  6. Stormbreaker

    Stormbreaker TS Enthusiast

    Will a full format of the SD card work? Except for the camera there is nothing to be worried about in my case
  7. m-tec

    m-tec TS Booster Posts: 70   +39

    I doubt it, as they have shown, even card readers can house malware and the card goes in the reader...
  8. lexster

    lexster TS Guru Posts: 531   +261

    If it's got software and can be connected to the internet, it can be hacked.
  9. Markoni35

    Markoni35 TS Addict Posts: 245   +113

    OMG, which cretino makes a DSLR identical to a phone, or laptop? It should have totally different firmware, and unable to execute any external code. Are all software developers nowadays complete morons? Do other camera manufacturers have similar imbeciles making their firmware??
  10. Markoni35

    Markoni35 TS Addict Posts: 245   +113

    Nope. When the software is well made it's not possible to execute external code. But it's this new generation of imbecile programmers that just include an external library and voila - the software is finished. Quickly and sloppy. It includes the same Android OS as phones or SmartTVs, but they don't care. They don't even disable features to make them more safe. What a bunch of..... (censuring myself).
  11. lexster

    lexster TS Guru Posts: 531   +261

    Incorrect. You do not need to be able to execute code to hack a device.
  12. urbanman2004

    urbanman2004 TS Booster Posts: 117   +35

    Another reason I never support Canon products. Not only are they inferior to other competitors, but now they're plagued w/ exploits.
  13. Igrecman

    Igrecman TS Maniac Posts: 300   +178

    My 5$ pocket calculator is locked by ransomware. Should I pay the ransom?

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...