Security researchers have found even more vulnerable IoT devices waiting to be taken advantage of by the Mirai botnet and consorts. Several backdoors have been discovered in over 80 different IP camera models produced by Sony Corp. Moreover, there is close to half a million white-label IP cameras that are vulnerable to similar attacks. This is not a positive development, and only a sign of what is to come in the years ahead.
IP Cameras Become The New Mirai Targets
The growing network of IoT devices is both a positive and troublesome development. On the one hand, it is good to see more electronics being made accessible, whether through online interfaces or mobile applications. But these devices also suffer from lackluster security features, which make them extremely vulnerable to attacks and malware.
SEC Consult, an Austrian security firm, discovered two different backdoor accounts affecting Sony IPELA Engine IP Cameras. These devices are mainly used by large enterprises and government authorities. By using one of these two user accounts, hackers can gain remote access to these devices and take over the built-in web server. Once that step has been completed, they can do virtually anything they want.
In most cases, it seems plausible to assume that assailants will execute a telnet attack. Through this protocol, assailants scan complete remote logins over the Internet, the same attack vector used by the Mirai malware. Putting two and two together reveals that these Sony Corp IP cameras will be targeted by Mirai malware soon, assuming that has not happened already.
For now, it remains unclear how many of these devices could be vulnerable to a telnet attack, though. KrebsOnSecurity mentioned how there are over 4,000 devices reachable over the Internet, putting all of those devices at risk of being attacked. However, it is possible that the final numbers will be much higher.
Unfortunately, these are not the only types of IP cameras vulnerable to attack by the Mirai botnet. Cybereason security researchers discovered two new flaws affecting dozens of IP camera families produced under different brand names. The vast majority of these devices can be purchased on eBay or Amazon, making them widely accessible, and significant security risks.
To make matters worse, these devices can still be exploited when behind a firewall. This is rather unusual, since firewalls should be perfectly capable of eliminating any hacking attempts by assailants. All of these cameras have a factor-default P2P communication capability that enables remote cloud access through the manufacturer’s website.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.
