#Login Register

  • 0 Vote(s) - 0 Average

50 million cameras exposed to hackers due to massive security breach
01-31-2013, 11:50 PM #1
Posts:4,546 Threads:1,029 Joined:Jun 2012
Internet users, beware: new security research has revealed that 40-50 million network-enabled device can be hacked and controlled remotely, with vulnerable products including cameras, printers and routers.

By hijacking personal devices like cameras, hackers can easily watch the every move of the device's owner and invade the privacy of millions of users.

Internet routers that use a protocol called Universal Plug and Play (UPnP) allow network-connected devices such as computer and printers to make themselves easily discoverable, but new research by the security firm Rapid7 shows that this discoverability can be exploited by hackers.

Many routers are set to use the UPnP by default, thereby subjecting all network-enabled devices using the router to the damage that hackers are able to inflict. As many as 50 million unique devices can be exploited and about 6,900 products are vulnerable to software bugs that have already been found in three different implementations of the protocol.

Vendors including Cisco’s Linksys, Belkin, D-Link, and Netgear produce routers that make themselves and their connected devices susceptible to software bugs. At least 23 million types of connectible devices could be hijacked and permanently disabled, while others would face temporary incapacitation.

Using the discoverability of the devices, hackers could invade the network itself, regardless of any sort of firewalls that might be in place, thereby endangering personal information. Hackers could use UPnP-enabled routers and their devices to access confidential files, steal passwords, take full control of computers and access webcams, printers and other security systems.

“We never expected this much UPnP to be exposed on the Internet. The scope of the exposure just blew us away,” Rapid7’s chief security officer H.D. Moore told Forbes.

“This is the most pervasive bug I’ve ever seen,” he told Reuters, referring to the software bugs that Rapid7 discovered in most of the vulnerable devices that were tested.

more here: RT
02-01-2013, 12:12 AM #2
JayRodney ⓐⓛⓘⓔⓝ
Posts:30,424 Threads:1,481 Joined:Feb 2011
Quote:The scope of the exposure just blew us away
Bet it felt good though. chuckle.gif

02-01-2013, 03:57 AM #3
オタマジャクシ Member
Posts:1,104 Threads:31 Joined:Nov 2012
UPnP should never be exposed to the internet.

Universal Plug and Pray is kind of dangerous. However you can block the PnP IP ports on your router and limit the problem.
02-01-2013, 04:02 AM #4
UniqueStranger Art in my heart
Posts:14,993 Threads:444 Joined:Jun 2012
Perhaps TPTB will offer the jailed anonymous hackers a deal to hack the hackers.




DISCLAIMER / Terms of Service (TOS):
Kritterbox.com - Socialize anonymously, commentary, discussion, oddities, technology, music and more!  This website is provided "as is" without warranty of any kind, either expressed or implied. kritterbox.com shall not be liable for any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, whether or not advised of the possibility of damage, and on any theory of liability, arising out of or in connection with the use or performance of this site or other documents which are referenced by or linked to this site.
This website exists solely for the purposes of exchange of information, communication and general entertainment. Opinions from posters are in no way endorsed by kritterbox.com. All posts on this website are the opinion of the authors and are not to be taken as statements of fact on behalf of kritterbox.com. This site may contain coarse language or other material that kritterbox.com is in no way responsible for. Material deemed to be offensive or pornographic at the discretion of kritterbox.com shall be removed. kritterbox.com reserves the right to modify, or remove posts and user accounts on this website at our discretion. kritterbox.com disclaims all liability for damages incurred directly or indirectly as a result of any material on this website. Fictitious posts and any similarity to any person living or dead is coincidental.
All users shall limit the insertion of any and all copyrighted material to portions of the article that are relevant to the point being made, with no more than 50%, and preferably less of the original source material. A link shall be visible in text format, embedded directly to the original source material without exception.
No third party links, i.e. blogs or forums will be accepted under any circumstances, and will be edited by staff in order to reflect the original source of copyrighted material, or be removed at the sole discretion of kritterbox.com.
Fair Use Notice:
This site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. Users may make such material available in an effort to advance awareness and understanding of issues relating to economics, individual rights, international affairs, liberty, science, and technology. This constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C.Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for educational and/or research purposes.
This Disclaimer is subject to change at any time at our discretion.
Copyright © 2011 - 2017 kritterbox.com