Some DSLR cameras can be infected with ransomware

midian182

Posts: 6,555   +58
Staff member

Researchers at Check Point Software Technologies revealed how the Picture Transfer Protocol (PTP) can be used to infect a DSLR camera with ransomware.

PTP, which is unauthenticated in both USB and Wi-Fi modes, is particularly vulnerable to attacks by hackers who are either in close proximity (Wi-Fi) or who have already hijacked a PC (USB).

The researchers posted a video demonstrating how they were able to insert ransomware onto a Canon E0S 80D over Wi-Fi. After setting up a rogue Wi-Fi access point, which could be placed at a tourist attraction, and once the camera is in range and connected, an exploit is run that accesses the SD card and encrypts any photos it contains. The only way to retrieve them is to pay the ransom—though that doesn’t always guarantee that the hackers will comply.

Check Point disclosed the vulnerability to Canon back in March, and the pair have been working on a patch since May. While there have been no reported instances of the vulnerabilities being exploited, the camera maker issued a security advisory last week. It advises users to avoid connecting to an unsecured network such as free Wi-Fi spots, disabling the camera’s network functions when not in use, and updating the official firmware via a download from Canon’s website.

While a Canon camera was used in this instance, Check Point told The Verge that other manufacturers who use the PTP protocol could also be vulnerable to the same attack.

Permalink to story.

 

Nero7

Posts: 498   +236
Ofc nothing is safe. There is no such thing as 100% safety especially not for digital products. Even offline hardware can be infected with all kinds of specialized tools.

Expect more such news within every 12 hours.

The revelations are upon us.
 

Uncle Al

Posts: 8,001   +6,775
Strange that they are only just not notifying owners .... the problem has existed ever since their first direct WiFi connection but in most cases in the past you simply needed to remove batteries then reboot the system so this one must be a bit more aggressive ....
 

Igrecman

Posts: 300   +179
That's North Korea for sure. That's how they get the funds to make their miserable dictatorship survive, but barely. China and Russia are doing nothing about it, they just applaud and laugh.
 

Markoni35

Posts: 961   +390
OMG, which cretino makes a DSLR identical to a phone, or laptop? It should have totally different firmware, and unable to execute any external code. Are all software developers nowadays complete morons? Do other camera manufacturers have similar imbeciles making their firmware??
 

Markoni35

Posts: 961   +390
If it's got software and can be connected to the internet, it can be hacked.

Nope. When the software is well made it's not possible to execute external code. But it's this new generation of imbecile programmers that just include an external library and voila - the software is finished. Quickly and sloppy. It includes the same Android OS as phones or SmartTVs, but they don't care. They don't even disable features to make them more safe. What a bunch of..... (censuring myself).
 

urbanman2004

Posts: 160   +55
Another reason I never support Canon products. Not only are they inferior to other competitors, but now they're plagued w/ exploits.