Published: Tue, August 13, 2019
Electronics | By Kelly Massey

Digital cameras vulnerable to ransomware, Check Point researchers find

Digital cameras vulnerable to ransomware, Check Point researchers find

Researchers at Check Point Software Technologies revealed how the Picture Transfer Protocol (PTP) can be used to infect a DSLR camera with ransomware.

Check Point notes that cameras are a great attack target because they contain valuable personal photos that folks would be willing to pay for.

Digital cameras use Picture Transfer Protocol (PTP) to transfer digital files and the firm's researchers discovered how to exploit vulnerabilities in the protocol to infect a camera with ransomware, which they showed off at this year's Defcon security conference. This not only encrypted the contents of its SD card, including photos and videos, but also locked the camera itself, rendering it useless until a requested ransom is paid and an unlock code is shared with the affected user. Once a Canon EOS 80D camera joined that wireless access point, the researchers were able to remotely install the malware on it.

"Any "smart" device, including the DSLR camera, is susceptible to attacks", said Check Point security researcher Eyal Itkin.

"Once compromised, the attacker has full control over the camera, and they could brick it, use it as an espionage tool, or ransomware it as we demonstrated".

Our most reliable meteor shower
If you miss the peak, the Perseids will still be around until about August 24, but with gradually diminished rates of meteors . NASA also suggests staying up late, or waking up early throughout the nights of August 11 to 12 and August 12 to August 13.

Still, security researchers at Check Point have at least managed to play with the formula a little, and have discovered a way of making a Canon EOS 80D hold an owner's photographs to ransom, with the demand for cash displayed on the device's 3in TFT screen.

"Cameras are no longer just connected to the USB, but to the WiFi network and its surrounding environment". "Critical vulnerabilities in the PTP were found", Check Point said in a statement on Sunday, detailing the study.

It advises users to avoid connecting to an unsecured network such as free Wi-Fi spots, disabling the camera's network functions when not in use, and updating the official firmware via a download from Canon's website. This makes them more vulnerable to threats as attackers can inject ransomware into both the camera and PC it is connected to.

As Canon explains, there have been no reported cases of this vulnerability actually being exploited to install ransomware IRL, but now that the info is out there, the company is working as quickly as possible to patch affected DSLRs. They found several vulnerabilities, including buffer flows enabling code execution, which could allow the camera to be taken over remotely using a malicious - and silent - firmware update.

Like this: