Sci-tech

Even your DSLR camera is vulnerable to a ransomware attack

Even your DSLR camera is vulnerable to a ransomware attack

Many new cameras have it as you can transfer photos using WiFi instead of a USB device, but this opens up a breach that hackers can you to take your photos and then ask ransomware for them if you ever want to have them back. The pair have been working together on a fix, with Canon issuing a warning to camera owners last week not to use unsecured WiFi networks.

In a test confirming the exploit, the researchers set up a Wi-Fi access point.

Effectively this hack would allow the perpetrators to do anything they wanted with the camera, stealing and locking the images, and completely locking out the user from being able to use it.

Amongst the various devices/apps getting infected by ransomware attacks, we have a new device - a DSLR camera.

Check Point said: "Initially focused on image transfer, PTP now contains dozens of different commands that support anything from taking a live picture to upgrading the camera's firmware".

Bianca Andreescu win Rogers Cup after Injured Williams retire
Andreescu broke early in the first set to lead 2-1 and then consolidated the break after an unforced error from Williams . Obviously, I get upset really easily sometimes, and just knowing that I can get injured any second sucks.

According to the research, attackers can install ransomware on selected DSLR cameras via the Picture Transfer Protocol, with Wi-Fi-enabled cameras being vulnerable to remote attacks. "Based on our results, we believe that similar vulnerabilities can be found in the PTP implementations of other vendors as well". "Critical vulnerabilities in the PTP were found", Check Point said in a statement on Sunday, detailing the study. "The combination of price, sensitive contents and wide-spread consumer audience makes cameras a lucrative target for attackers". Canon has more than 50-percent of the DSLR market, for instance, the EOS 80D has WiFi support along with USB, and the Magic Lantern aftermarket modding community has deeply explored its firmware.

Check Point Research notified Canon of these vulnerabilities in March, and Canon pushed out a security patch on August 6th. The findings, which were shared with Canon ahead of the public reveal, have left Canon scrambling to patch a serious security flaw.

The team, led by researcher Eyal Itkin, demonstrated in a video how a hacker could encrypt images on a SD card and make them inaccessible to the camera's owner through a WiFi network.

"Imagine how would you respond if attackers injected ransomware into both your computer and the camera, causing them to hold your entire library of pictures and videos hostage unless you pay their ransom", the researchers wrote in the blog post.