Security researchers have discovered that DSLR cameras, which are connected to a Wi-Fi network, are vulnerable to ransomware attacks. The researchers, from the security firm Check Point Software, discovered that connected-cameras can be hacked if an attacker is nearer to the camera’s Wi-Fi.
Demonstrating their discoveries at the DefCon 2019 hacking conference, the researchers stated that hackers can encrypt the digital photos once they compromise the device. The researchers used and identified the flaws in a Canon EOS for their demonstration.
According to the researchers, the digital cameras use Picture Transfer Protocol (PTP) to transfer digital files, which can be exploited by malicious actors to infect the camera with ransomware.
The researchers presented how an attacker can inject the malware and encrypt photos in the camera’s memory using the cryptographic process.
Check Point stated that they reported these issues to Canon in March 2019. However, Canon urged its customers to avoid unsafe Wi-Fi networks and upgrade the device in order to fix the bugs.
“Daniel Mende demonstrated all of the different network attacks that are possible for each network protocol that Canon’s EOS cameras supported at the time. At the end of his talk, Daniel discussed the PTP/IP network protocol, showing that an attacker could communicate with the camera by sniffing a specific GUID from the network, a GUID that was generated when the target’s computer got paired with the camera. As the PTP protocol offers a variety of commands, and is not authenticated or encrypted in any way, he demonstrated how he (mis)used the protocol’s functionality for spying over a victim,” Check Point stated in a post.
“In our research, we aim to advance beyond the point of accessing and using the protocol’s functionality. Simulating attackers, we want to find implementation vulnerabilities in the protocol, hoping to leverage them in order to take over the camera. Such a Remote Code Execution (RCE) scenario will allow attackers to do whatever they want with the camera, and infecting it with Ransomware is only one of many options,” the statement added.
