
Are You Being Watched Through Your Connected Cameras?

In October 2016, a massive distributed denial-of-service (DDoS) attack knocked major websites – including Twitter, Reddit, and Amazon – offline for millions of people around the world. It was directly caused by attackers guessing weak or default passwords on wireless IP cameras, which were infected with malware and then used to create a botnet. This incident is considered not only one of the biggest cyberattacks ever, but also one of the more recent hacks and breaches revolving around webcams and wireless IP cameras.



For decades, wireless IP cameras have been deployed everywhere – from shops and restaurants to offices and cafes – due to their great track record in watching and perhaps even preventing physical crime and break-ins. People across the globe purchase and use these cameras as a means of surveilling and monitoring their surroundings for security reasons. But what if the situation is, or can be, reversed? What if the very cameras purchased to make you feel safe are actually watching you?


Security Cameras Aren’t That Secure

It’s safe to say that there are enough security cameras on the market that aren’t built with security in mind, and there is plenty of research to prove it. For the past decade, security researchers have been bringing to light the large-scale security vulnerabilities found in popular security cameras. Yet instead of manufacturers working to improve and secure their devices, the situation is actually getting worse.


Through extensive research, the Checkmarx Security Research Team demonstrated how the popular Loftek CXS 2200 and VStarcam C7837WIP wireless IP cameras, purchased by users across the globe, are actually putting thousands at risk. The findings show that the vulnerabilities previously found by other researchers are still alive and well within many devices, and they also uncover a whole new horizon of vulnerabilities which can allow hackers to easily connect to a device by exploiting one (or more) of the flaws. Not only that, but the flaws can also be easily leveraged to create what we like to call a “cambot army”. The already well-known Mirai botnet did exactly that.


Among the flaws, the research uncovers how the cameras come equipped with incredibly weak password security and remote internet access enabled by default. This alone can allow hackers to remotely gain access to the camera feed. And the list of vulnerabilities goes on and on, showing that an attacker simply needs to take their pick of attacking style, and there will likely be an option ready.


Surveillance cameras are often placed at entrances and exits in areas considered to be sensitive or under protection, such as server rooms, areas containing expensive equipment or merchandise, or a bank vault. Often enough, the cameras are even hidden in order to monitor customers or employees without them knowing about it. The danger of placing unsecure cameras to “guard” such areas is that if attackers obtain authorized access to the devices, they could easily turn the cameras off to cover for a physical robbery.


Another major security incident just waiting to happen revolves around a user’s personal privacy, which is easily breached when unsecure cameras are placed around a house. The camera could be used to spy, record, and collect content which could then be used by an attacker to launch a full-scale ransom attack. We all remember when Angela’s cam was hacked in Mr. Robot, right?


As the security scans came to an end, the Security Research Team concluded that if your camera is connected, you’re almost certainly at risk. It’s as simple as that. A malicious user can exploit your device to track your day-to-day, steal your email data, breach your wireless connection, gain control over other connected devices, and much more. To learn more about the security camera vulnerabilities identified by Checkmarx, download the full report:
