Hackers Can Now Target DSLR Cameras With Sophisticated Remote Ransomware Attacks

DSLR Ransomware
Security researchers have discovered it is possible to hack a digital SLR camera with Wi-Fi capabilities (fast becoming a common feature in modern DSLR cameras) to install ransomware, thereby hijacking a user's photographs. Just as it happens on a PC, the photos would be encrypted, with the attacker threatening to permanently delete them if a ransom is not paid.

"Although most users connect their camera to their PC using a USB cable, newer camera models now support WiFi. This means that what was once a PTP/USB protocol that was accessible only to the USB connected devices, is now also PTP/IP that is accessible to every WiFi-enabled device in close proximity," Check Point says.

According to Check Point, attackers view the PTP layer as an attractive target for several reasons. For one, it is an unauthenticated protocol with support for dozens of different complex commands. It is also equally exploitable over USB or Wi-Fi, while the latter makes modern cameras accessible to nearby hackers.

Check Point researchers demonstrated how it would be possible to infect a camera with ransomware by infiltrating a Canon EOS 80D. The researchers chose that particular model because Canon controls over half of the market, and EOS 80D supports both USB and Wi-Fi.

There is a bit of work involved in hacking a DSLR, but the Check Point researchers did discover numerous vulnerabilities that can be exploited, details of which are laid out in a blog post (hit the link in the Via field below to reach about each one).

Should you really be worried, though? These exploits require an attacker to be within the vicinity, and to set up a rogue Wi-Fi Access Point.

"This can be easily achieved by first sniffing the network and then faking the AP to have the same name as the one the camera automatically attempts to connect. Once the attacker is within the same LAN as the camera, he can initiate the exploit," the researchers state.

From our vantage point, attackers are more likely to continue targeting PCs and mobile devices, but something like this is not out of the realm of possibility. In addition, if a PC is infected, it would also be possible to infected a DSLR that gets connected as well.

"Our research shows that any “smart” device, in our case a DSLR camera, is susceptible to attacks. The combination of price, sensitive contents, and wide-spread consumer audience makes cameras a lucrative target for attackers," the researchers add.

While these kinds of attacks are not very common, and perhaps nonexistent at the moment, this type of research should be a wake-up call to manufacturers as more and more devices gain Internet-connected features.