1 min read

Remote ownage of 100k+ Camera and Gateway devices demonstrated at Defcon

Bogdan BOTEZATU

August 02, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Remote ownage of 100k+ Camera and Gateway devices demonstrated at Defcon

It’s now anno domini 2017 and the number of Internet-connected devices surpass the living population by an order of magnitude. And while most of these devices help us reinvent the way we interact with our homes, our offices or with our own bodies, some “smart things” can lend hackers a helping hand in digital burglary.

This is the case with over 120,000 internet-connected security cameras manufactured by Shenzhen Neo Electronics, whose firmware contains a massive security flaw that renders them remotely exploitable. A bug in the authentication mechanism allows a remote attacker to completely take control and run commands on the vulnerable devices and turn them into a zombie army ready to trigger the next Mirai or to become tools of mass surveillance in users’ homes.

Our own Chief Security Researcher Alex “Jay” Balan got on the Defcon IoT stage with a live demo of the exploitation. And while we’re eagerly waiting for the video, his presentation ([download id=”0″]) and the technical whitepaper documenting the findings are ready for download.

tags


Author



Right now

Top posts

A Red Team Perspective on the Device42 Asset Management Appliance

A Red Team Perspective on the Device42 Asset Management Appliance

August 10, 2022

1 min read
Vulnerabilities Identified in Wyze Cam IoT Device

Vulnerabilities Identified in Wyze Cam IoT Device

March 29, 2022

1 min read
New FluBot and TeaBot Global Malware Campaigns Discovered

New FluBot and TeaBot Global Malware Campaigns Discovered

January 26, 2022

10 min read
Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately

Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately

December 10, 2021

2 min read
Bitdefender, Law Enforcement Partnership Saves REvil Victims Half a Billion in Ransom Demand

Bitdefender, Law Enforcement Partnership Saves REvil Victims Half a Billion in Ransom Demand

November 08, 2021

2 min read
Bitdefender Offers Free Universal Decryptor for REvil/Sodinokibi Ransomware

Bitdefender Offers Free Universal Decryptor for REvil/Sodinokibi Ransomware

September 16, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Real-Time Behavior-Based Detection on Android Reveals Dozens of Malicious Apps on Google Play Store Real-Time Behavior-Based Detection on Android Reveals Dozens of Malicious Apps on Google Play Store
Alexandra BOCEREGRăzvan GOSAAlbert ENDRE-LASZLOAlex BACIUSilviu STAHIE
7 min read
RIG Exploit Kit Swaps Dead Raccoon with Dridex RIG Exploit Kit Swaps Dead Raccoon with Dridex
Mihai NEAGUGeorge MIHALI
1 min read
Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately
Silviu STAHIE

December 10, 2021

2 min read