On March 7, a CCTV leak occurred at a plastic surgery clinic in Gangnam, South Korea. The leaked video was posted on an Internet community, with about 31 videos showing 30 female victims. As some celebrities are among the victims, the case has become more of an issue. 

Plastic Surgery CCTV Leak : Part of the leaked Gangnam plastic surgery clinic CCTV footage | Source: KBS
Part of the leaked Gangnam plastic surgery clinic CCTV footage | Source: KBS

This case is called the ‘Gangnam Plastic Surgery CCTV Leak’ or ‘Plastic Surgery CCTV Hacking’. However, the actual leaked video was filmed with IP cameras, not CCTVs (Closed Circuit Television). 

As CCTVs are not connected to the external Internet, only people who own camera equipment can watch the filmed footage. However, as IP cameras are IoT devices connected to the Internet, they are vulnerable to hacking and leakage. 

Is It Caused by Vulnerable Chinese IP Cameras?

The IP cameras that were illuminated in the Gangnam Plastic Surgery CCTV Leak case are known to be a product of company “H” in China. Various media outlets are reporting that the use of Chinese IP cameras, which are vulnerable to security, is the cause of the hacking. 

Plastic Surgery CCTV Leak : China's IP camera company 'H', known to be the cause of the Gangnam Plastic Surgery IP Camera Leak | Source: KBS
China’s IP camera company ‘H’, known to be the cause of the Gangnam Plastic Surgery IP Camera Leak | Source: KBS

Some IP camera products with weak security have hacking methods and tools posted on overseas hacker communities, making them easier to hack.

Plastic Surgery CCTV Leak : 'H' IP camera vulnerability scanning tool published in overseas hacker community
‘H’ IP camera vulnerability scanning tool published in overseas hacker community

However, regardless of them being from a Chinese company, IP cameras can be exposed to the Internet for various reasons due to their nature. Overall, there are more IP cameras around the world exposed to the Internet than expected.

Potential Targets, Over 400,000 IP Camera Servers Exposed to the Internet

Criminal IP, an OSINT search engine, allows users to search IoT devices through IP address information with the Asset Search function. This can be done by using the tag filter to search for IP cameras exposed on the Internet. 

Search Query : Tag: IP Camera

Search result of "tag: IP Camera" on the IoT search engine Criminal IP, over 401,154 exposed IP camera servers
Search result of “tag: IP Camera” on the IoT search engine Criminal IP, over 401,154 exposed IP camera servers

Search results show that there are more than 400,000 IP camera servers that are exposed to the Internet and are vulnerable.

What’s worse is that some servers have CVE vulnerabilities while some have been detected with the leakage of credentials such as authentication information that can be abused for hacking. Upon accessing the server, there are some cases in which the raw IP camera footage is shown.

IP camera servers that have been searched through Criminal IP that have CVE vulnerabilities and credential leaks
IP camera servers that have been searched through Criminal IP that have CVE vulnerabilities and credential leaks
Screen connected to an exposed IP camera server searched through Criminal IP
Screen connected to an exposed IP camera server searched through Criminal IP

Country Statistics of IP Camera Exposed to the Internet, U.S. Ranking 2nd

Criminal IP’s Element Analysis function shows the national statistics of exposed IP camera servers.

China has the most exposed IP cameras, with the U.S. ranking 2nd with over 50,000 exposed servers.

National statistics of IP camera servers exposed to the Internet, the U.S. ranking 2nd
National statistics of IP camera servers exposed to the Internet, the U.S. ranking 2nd

China, which has become an issue due to the Gangnam Plastic Surgery CCTV Leak, is overwhelmingly in 1st place, with about 130,000 exposed IP camera servers.

When searching only China’s IP camera servers with tag: IP Camera country: CN, most servers are seen to be in a weak state and classified as Critical.

Search Query : Tag: IP Camera country: CN

List of IP addresses of Ip camera servers in China, detected to be Critical
List of IP camera servers in China, detected to be Critical

Precautions When Using IP Cameras

IP cameras are widely used as a popular IoT product because they are easier to install and use than CCTVs.

However, like this Gangnam Plastic Surgery CCTV Leak case, it is also true that they can be hacked by a hacker or a curious individual to cause serious damage such as leaking videos or remote control.

Therefore, when using IP cameras, it is recommended to prepare for hacking attacks as much as possible by referring to the hacking prevention checklist below.

  • Use products that are proven to be secure
  • Set up login authentication on your device and set a complex password. Also, periodically change your password
  • Always update your software to the latest version
  • Use OSINT search engines such as Criminal IP to check the safety of IP addresses and IoT products in use

Please refer to our article on kiosk administrator servers exposed to the Internet for a relevant case study.

Data Source: Criminal IP (https://www.criminalip.io)

Related Article:

KIOSK Hacking: Tips to Improve Your Kiosk Security