Security Researcher Discovers That DSLR Cameras Are Vulnerable to Ransomware Attacks: Report

Looks like cameras aren’t safe either from hackers

By Roydon Cerejo | Updated: 13 August 2019 16:32 IST

Security Researcher Discovers That DSLR Cameras Are Vulnerable to Ransomware Attacks: Report

Photo Credit: CheckPointResearch

As if protecting our phones and laptops weren’t enough, we now have to be careful about out cameras too

Highlights

Security researcher manages to install ransomer on a DSLR
The camera used here was a Canon EOS 80D
The ransomware encrypts your photos so you can’t see it without the key

In the world of technology, we've been dealing with spyware and ransomware attacks on our devices for years now. Gadgets such as mobile phones and laptops based on Android and Windows have long been vulnerable to hackers, but did you ever think that this could happen to your digital camera too? Well, a recent study conducted Check Point Research have proven that digital cameras can also be vulnerable to ransomware attacks.

The research was conducted by Eyal Itkin, of Check Point Research, who details the entire process of how this hack was carried out. Itkin chose to use a Canon EOS 80D DSLR, simply because Canon is popular brand and that particular camera supports USB and Wi-Fi. Itkin was able to hijack the camera using PTP or Picture Transfer Protocol, which is commonly used by cameras to connect to a computer and if usually not encrypted. The report states that the ransomware can be uploaded to the camera through USB (provided the host computer already has the malware) or by directly tapping into the camera's inbuilt Wi-Fi (provided your close enough to the camera). Itkin even put up a short video, demonstrating how this can be easily done over Wi-Fi.

Now, unlike our phones and laptops which can have a lot of our sensitive information such as you home address or credit card details, your camera won't. However, it will have photos of you family vacation and others that you might not want the world to see. By installing the ransomware, hackers can encrypt your photos so the only way to access it would be via a decryption key, for which, they could demand a certain sum of money. Depending on how sensitive or badly you want the photos, victims would probably be willing to pay up.

Itkins reached out to Canon regarding this vulnerability back in March and now that this report is made public, Canon has issued a statement warning users to avoid connecting their cameras to open public networks and to disable Wi-Fi when not needed. The hack as so far proven to work on a Canon camera, but there is a good chance that other cameras, from other manufacturers, could be vulnerable too.

Comments

For details of the latest launches and news from Samsung, Xiaomi, Realme, OnePlus, Oppo and other companies at the Mobile World Congress in Barcelona, visit our MWC 2025 hub.

Further reading: Canon, Ransomware