Christmas, which many people look forward to, is the peak season for hackers to spread malware, leak information, and conduct phishing scams. With all the end-of-year celebrations and public holidays, there is a lack of security staff monitoring the increase in online shopping and congratulatory messages being sent. Hackers will take advantage of the loosening cyber defenses and carry out cyber crimes. In particular, IoT and smart home products, which are becoming increasingly popular Christmas gifts, are good targets for hackers to exploit. Therefore, it is important to be careful of IoT and IP camera hackings that may occur. If you happen to come across an incredibly cheap Christmas special-priced IoT device, be careful, as devices sold at affordable prices often suggest that they have security flaws.
For example. an IP camera called Wireless IP Camera (P2P) WIFICAM has an authentication bypass vulnerability (CVE-2017-8225), so there have been many cases where the product was found to be infected with botnets.
Smart products with security flaws allow hackers to easily hack into users’ accounts and access all their information. In all the IP cameras, AI speakers, and cordless vacuum cleaners sold on Amazon, eBay, and AliExpress, there is a good chance that it has already been hacked and is being used with malicious intent.
IP Cameras With Sub-Par Authentication Settings Are the Primary Targets
Hackers who hack robot vacuum cleaners and IP cameras monitor the homes of their victims or illegally distribute videos of them. Devices that do not have login authentication enabled or use a default password without changing them are usually the prime target of attacks.
Searching for exposed IP cameras on the internet using Tag: IP Camera on Criminal IP Asset Search gives a total of 428,473 results.
[Criminal IP Search 101 – How to Find Exposed IP cameras]
Search Query : Tag: IP Camera

In some cases, hacked IP camera screens can be viewed without any login authentication.

IoT Quitely Becoming Infected Like a Zombie
If a vulnerability is found in an IoT device, attackers can use the vulnerability to infect and inject malicious code. This makes a zombie device for DDoS attacks.
Inputting IoT keywords into the tag filter helps you to identify exposed IoT products and vulnerabilities.
Search Query : Tag: IoT

Among them, one IoT device was discovered to have as many as 39 vulnerabilities. This is something hackers can exploit for another cyber attack or sell information about the device on the dark web.

IoT Product, IP Camera Hacking Prevention Checklist
To ensure an exciting Christmas, not a security nightmare, the following security protocols should be implemented:
- Use products that are known to be secure
- Set up login authentication on devices and use complex passwords. Remember to change passwords from time to time.
- Ensure all product software is updated to the latest version
Most importantly, it is imperative to regularly use Criminal IP to ensure that your IoT is not exposed to the internet or has any vulnerabilities.
Please refer to our ‘Criminal IP Analysis Report on Overlooked Multi-Function Printer Vulnerability’ article for more information on IoT device vulnerability.
Source : Criminal IP (https://www.criminalip.io)
Related Article(s) :
Leave a Reply