Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Bugs Discovered Leading to Backdoors in Sony White Box Cameras

pc-issues-stforum Brand new vulnerabilities have been revealed concerning the IP White Box cameras made by Sony. Two primary alerts have popped out this week concerting the IP cameras, suggesting the IoT security is beginning to become a widespread problem for both consumers and companies as well.

News broke out at SEC Consult, claiming in their research that there is a backdoor that was discovered in several IP Cameras made by Sony. These backdoors allow for the ones attacking the devices to control the fully and use them to either attack other devices in their network or to spy directly via them. IT may also allow for altering of the image and disconnecting the camera via a cyber-attack, like DDoS, for example. The price of those cameras ranges from $500 to thousands of dollars.

As soon as the issue was discovered, the company has released an update to the firmware of those devices specifically oriented towards patching this issue.

Further analysis after SEC Consult discovered the exploits has resulted in the discovery of hard-coded credentials located in the firmware. One of those credentials was used to control user accounts and the other one was pointed towards direct administrative god-mode type of access (root). The names of the two accounts were respectively:

  • primana
  • debug
  • Texttt
  • Texttt
  • Texttt
  • Texttt
  • Texttt

After infections it really comes down to the imagination of the attacker. One scenario is that these could be used to access neighbor devices via the Telnet protocol or SSH protocol if the software for cracking SSH is available at the dispose of the cyber-criminals. This can result in taking control of key devices such as switches or multilayer switchers and routers as well as important AP’s which can result of a full control of an organization’s network.

Hackers Could Manipulate Cameras’ Image

One of the discovered accounts, named “primana” also had administrative access to control the picture of the camera and control to physically alter where the camera is pointing at. Other privileges used by these cameras allow for organizations to take advantage of the heater of the cameras, more importantly activate it and deactivate it.

Everyone who is using these cameras is strongly advised to update their firmware with the latest by Sony. Furthermore, to secure the devices it is also recommended to create a VLAN whitelist and further secure firewalls as well.

Zero Days Bugs Discovered as Well

Another alert concerning IP cameras notifies about two zero-day bugs, discovered by Cybereason.

One of those bugs has the ability to enable the sharing of information with the IoT device and to bypass any authentication present. This exploit can be performed to get a hacker access to important information, like passwords used to access the hacked and other IoT devices connected to it. And the password strength does not play any role in this, meaning that no matter how strong your password is, it can still be hacked via this zero-day bug.

This leads to the second bug which was discovered, which allows for an external third-party to somehow gain access to the login screen to the cameras, where the hacked passwords and credentials can be entered to gain access to the device.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.