Posts: 6,555 +58
Researchers at Check Point Software Technologies revealed how the Picture Transfer Protocol (PTP) can be used to infect a DSLR camera with ransomware.
PTP, which is unauthenticated in both USB and Wi-Fi modes, is particularly vulnerable to attacks by hackers who are either in close proximity (Wi-Fi) or who have already hijacked a PC (USB).
The researchers posted a video demonstrating how they were able to insert ransomware onto a Canon E0S 80D over Wi-Fi. After setting up a rogue Wi-Fi access point, which could be placed at a tourist attraction, and once the camera is in range and connected, an exploit is run that accesses the SD card and encrypts any photos it contains. The only way to retrieve them is to pay the ransom—though that doesn’t always guarantee that the hackers will comply.
Check Point disclosed the vulnerability to Canon back in March, and the pair have been working on a patch since May. While there have been no reported instances of the vulnerabilities being exploited, the camera maker issued a security advisory last week. It advises users to avoid connecting to an unsecured network such as free Wi-Fi spots, disabling the camera’s network functions when not in use, and updating the official firmware via a download from Canon’s website.
While a Canon camera was used in this instance, Check Point told The Verge that other manufacturers who use the PTP protocol could also be vulnerable to the same attack.