Wed. Feb 26th, 2020

DSLR cameras may be exploited by attackers to spread ransomware

2 min read

The ransomware that has intensified in recent years seems to be attacking more electronic devices. What is unexpected is that digital cameras may also be targets. Usually, ransomware will only launch attacks against businesses or government agencies, because hackers can obtain higher extortion ransoms because of the higher value of the data. The blackmailers facing digital DSLR cameras mainly value the photos taken by the device holders, and the extortionists usually do not ask for too many ransoms. This is a higher probability of successful ransom, so many hackers who mainly develop ransomware are gradually turning their targets to digital DSLR cameras.

Image: checkpoint

Researchers from CheckPoint say using a standardized image transfer protocol is an ideal way to deliver malware because the delivery photos themselves are supported by all cameras. And because you don’t have security features such as authentication, you can use it directly with WiFi or USB. An attacker only needs to make specific malware. For example, setting up a malicious WiFi in a popular attraction induces the victim to connect, and then sends an image carrying the malware to the digital DSLR to infect.

In the attack demonstration, the researchers successfully infected the Canon E0S 80D camera via WiFi and encrypted all the images on the memory card with malware. You can even display a text reminder on your camera’s small display that is encrypted and so on, which is not much different from the ransomware on the desktop.

Security company CheckPoint has notified the vulnerability to Canon in March, and Canon has released a new version of firmware to fix camera vulnerabilities. Obviously, this kind of vulnerability can find more after a follow-up, and other brands of digital cameras may have similar security problems. Canon’s advice is that users need to install the latest security patches immediately, and don’t use unsecured WiFi hotspots.