The idea behind Closed-circuit security cameras (CCTVs) is to keep everyone safe as they monitor what is important to them. However, in recent news, a malware has been turning them into botnets. Incapsula researchers have found out a code that has turned about 900 CCTV cameras running embedded Linux into a botnet, targeting rarely used asset of unnamed "large cloud service" that has been catering millions of people worldwide.
According to the report, all compromised CCTV cameras were running embedded Linux with BusyBox - a package of striped-down common Unix utilities that have been bundled into a small executable that has been built for systems that have limited resources.
The malware researchers had found inside was an ELF binary for ARM that can scan network devices that run on BusyBox. In the process, the malware looks for vulnerabilities that are susceptible to brute-force dictionary attacks.
Reports say that the botnet conducts a "run of the mill" denial of service (DoS) attack, and it would be rather easy to stop the attacks by exercising caution. However, the threat emphasizes that even security cameras are dangerous should they be weaponized. As millions of connected cameras are located worldwide, with many of which are most likely installed improperly, hackers spying on people is a definite scenario that can occur without warning. This is a call to companies to equip the CCTV cameras they offer with more security while also informing their customers on how to protect themselves from such dangers in the technology that is currently at risk.
Incapsula hopes that the discovery will raise the awareness of people about the importance of basic security practices and the possible threat that can be caused by unsecured connected devices. The company is in the process of mitigating another (Distributed Denial of Service) DDoS attack, and this time it is from a network attached storage-based botnet that is also compromised by brute-force dictionary attacks.