Cybersecurity researchers are always looking for flawed systems in order to expose vulnerabilities. The latest effort was made by a group of researchers who hacked a Canon EOS 80D DSLR camera in order to test a ransomware scheme.
The researchers from Check Point Research used the Picture Transfer Protocol (PTP) of the camera in order to exploit the system and hold all the photos away from the user. PTP services are generally used to transfer images and can be exploited in order to prevent the user from doing it.
Many new cameras have it as you can transfer photos using WiFi instead of a USB device, but this opens up a breach that hackers can you to take your photos and then ask ransomware for them if you ever want to have them back.
If a hacker is able to put malicious code into the camera, he can take control of the pictures and then demand ransomware. During their tests, the researchers discovered a way of doing it to encrypt the storage systems of the device.
After that, they could contact the victims and offer the keys to decrypt the camera’s files in exchange for money.
The researchers affirmed that hackers have achieved a moderate level of success with this kind of threat, especially by targetting photographers and other people who rely a lot on photos.
Canon developers were warned about the vulnerability this year, so they patched it up before Check Point Research made it public. Because of this, at the moment, the hack is not supposed to work on any kind of model in the market.