Surveillance Cameras Found Embedded with Malware

surveillance-malwareSecurity researcher Mike Olsen has warned that some products sold through the Amazon marketplace are rigged with malware. According to Olsen, he discovered that the outdoor surveillance cameras he had purchased for a friend contained malware while fine-tuning the cameras. The seller, Urban Security Group, has generally good reviews and was offering a particular Sony set-up for sale.

[READ: Are smart technologies as harmless as we think?]

In his blog post, Olsen described how the software interface showed the camera feed, but the admin page did not offer normal control settings. “Being one of those guys who assumes bad CSS, I went ahead and opened up developer tools,” Olsen said. Instead of finding the options that he needed, he discovered an iFrame tucked at the bottom of the body tag. It was linking to a "very strange-looking" host name. After checking it on Google, he found that the host name was indeed linked to a site that distributes malware. The malicious site was shut down in 2009, but was spotted again in 2011 infecting sites with iFrames that led to the malicious domain. After his findings, Olsen contacted Amazon, who subsequently told him they would reach out to USG.

Home surveillance and security cameras are a great way to provide security to homes and the workplace. However, this also means setting up an internet connection to access the surveillance feed in real time. Newer surveillance cameras can be controlled remotely, making them useful for monitoring an area with a single camera. Because of the smartification of things, people can access recorded security activities online—making it accessible to anyone with an internet connection, including unauthorized users with the tools and the knowledge.

[READ: What should you consider when buying smart home devices?]

While the discovery reminds users to be wary and careful with the things they purchase, it should also serve as a warning. Some of these issues should be addressed by the device vendors, but users should still remember to follow the best practices for smart devices. These include changing the default login credentials and the use of strong passwords to ensure that network security and user privacy isn't compromised.
HIDE

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.