Millions of wireless Security Cameras Are at Risk of Being Hacked: What to Do

Millions of wireless Security Cameras Are at Risk of Being Hacked: What to Do

As many as 35 million wireless home security cameras worldwide are at risk of being compromised by cybercriminals due to serious design and software flaws, according to a new study by Which? a UK-based consumer watchdog group

Which? found that attackers could use these dangerous vulnerabilities to spy on people, access personal data, and take control of other devices

Most cameras are available at retailers such as Amazon and eBay, and can be hacked even if users change their passwords

The researchers said that flaws found in the design and software of these cameras could allow an attacker to: [Of the 35 million cameras found, the majority were in Asia However, an estimated 700,000 were used throughout Europe, and 100,000 were used in the UK

During the study, Which? researchers teamed up with US security expert Paul Malapese and purchased cameras made by Accfly, Elite Security, Genbolt, ieGeek, and SV3C through Amazon The results proved to be easy to remotely hack

The researchers tested five models for this study and estimate that 47 wireless camera brands may have this vulnerability due to shared components and software [Affected brands include Alptop, Besdersec, COOAU, CPVAN, Ctronics, Dericam, Jennov, LEFTEK, Luowice, QZT, and Tenvis According to the researchers, any wireless camera that interfaces with the CamHi mobile app and has some sort of unique identification number (UID) can be compromised

Marrapese explains on his website that the UID should be printed on a sticker or label on the camera, often along with an administrative username and password His website lists over 100 UID prefixes that indicate a device may be vulnerable

Kate Bevan, editor of Which? Computing, says: "But in reality, you may be unwittingly inviting hackers into your home or workplace

"Anyone with such a camera in their home should immediately turn it off and stop using it

Bevan also called on lawmakers to take action, saying: "The government must push forward with plans to enact legislation requiring that connected devices meet certain security standards and back this up with strong enforcement

Categories