Researchers responsibility reported these vulnerabilities to Canon in March this year. "This means that even if all of the implementation vulnerabilities are patched, an attacker can still infect the camera using a malicious firmware update file."Ī real ransomware attack of this type is one of the biggest threats to your precious memories where hackers can typically demand money in exchange for the decryption key that would unlock your photos, videos and audio files.
"There is a PTP command for a remote firmware update, which requires zero user interaction," the researcher explains. Once the attacker is within the same LAN as the camera, he can initiate the exploit," Itkin explains.Įxploiting Canon DSLR Flaw to Deploy Ransomware Over-the-AirĪs a proof-of-concept, the researcher successfully exploited one of these vulnerabilities that allowed them to push and install a malicious firmware update on a targeted DSLR camera over WiFi-with no interaction required from the victim.Īs shown in the video demonstration, the malicious firmware was modified to encrypt all files on the camera and display a ransom demand on its screen using the same built-in AES functions that Canon uses to protect its firmware. "This can be easily achieved by first sniffing the network and then faking the AP to have the same name as the one the camera automatically attempts to connect.
Besides file transfer, Picture Transfer Protocol also supports dozens of commands to remotely handle many other tasks on camera-from taking live pictures to upgrading the camera's firmware-many of which have been found vulnerable.
0 kommentar(er)
