Latest in Gear

Image credit: Check Point Research

Even DSLR cameras are vulnerable to ransomware

Hackers could hijack your valuable photos from a memory card.
532 Shares
Share
Tweet
Share

Sponsored Links

Check Point Research

Cameras are among the few devices that don't connect to the internet, so you'd think they'd be immune to hackers. However, researchers have discovered that some DSLRs and mirrorless cameras are actually vulnerable to ransomware attacks, of all things. Once in range of your camera's WiFi, a bad actor could easily install malware that would encrypt your valuable photos unless you paid for a key.

Check Point Software noticed that the Picture Transfer Protocol (PTP) -- which is unauthenticated in both wired and wireless modes -- is particularly vulnerable to malware attacks. Ironically, they were able to uncover flaws in the Canon EOS 80D by using firmware originally cracked by Magic Lantern, which supplies its own open source app with extra features to Canon EOS owners.

In a video, the researchers showed how they first set up a rogue WiFi access point. Once the attackers were range of the camera, they ran an exploit to access the camera's SD card and encrypt any photos. The surprised owner would then see a message that his pictures are no longer available unless he's willing to pay a ransom.

Check Point notes that cameras are a great attack target because they contain valuable personal photos that folks would be willing to pay for. It disclosed the vulnerability to Canon in March, and last week, Canon issued an advisory telling folks to avoid unsecured WiFi, turn off network functions and install a new security patch.

The issue affects most of Canon's camera lineup, from the EOS 70D to the mirrorless EOS R. It might not be limited to Canon, either, as Check Point told The Verge that other manufacturers, which use the same PTP protocol, could also be vulnerable.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
532 Shares
Share
Tweet
Share

Popular on Engadget

Could you live with this budget Android for four years?

Could you live with this budget Android for four years?

View
Eero's mesh WiFi routers now support Apple HomeKit

Eero's mesh WiFi routers now support Apple HomeKit

View
Logitech and Herman Miller team up to design ergonomic gaming furniture

Logitech and Herman Miller team up to design ergonomic gaming furniture

View
Harmonix’s next music-making game puts your DJ skills to the test

Harmonix’s next music-making game puts your DJ skills to the test

View
Optoma CinemaX P1 review: A stunning 4K projector with terrible apps

Optoma CinemaX P1 review: A stunning 4K projector with terrible apps

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr